Dr Malcolm Pattinson

Adelaide Research Fellow

Adelaide Business School

Faculty of the Professions

My Research
Career
Publications
Supervision
Professional Activities
Contact

I am currently a Senior Research Fellow in the Adelaide Business School. Over the last two decades, my work has been dedicated to teaching and research in the domain of Information Security and Cyber Security, particularly in regard to the behaviour of digital-device users and how it impacts on organisational security. I am an integral member the multi-disciplinary Human Aspects of Cyber Security (HACS) Research Group, which has conducted research projects relating to: susceptibility of phishing email recipients; social engineering techniques of hackers; risk perceptions and behaviours of employees; cognitive aspects and personality traits of computer users; and the information security awareness of individuals. I am also a board member of the IFIP International Human Aspects of Information Security and Assurance (HAISA) conference, having hosted the November 2017 conference in Adelaide, Australia.

Expand

Appointments

Date Position Institution name
2017 - 2017 Adelaide Research Fellow University of Adelaide
2010 Senior Research Fellow Unirversity of Adelaide
1990 - 2009 Lecturer University of South Australia
Language Competencies

Language Competency
English Can read, write, speak, understand spoken and peer review

Date	Position	Institution name
2017 - 2017	Adelaide Research Fellow	University of Adelaide
2010	Senior Research Fellow	Unirversity of Adelaide
1990 - 2009	Lecturer	University of South Australia

Language	Competency
English	Can read, write, speak, understand spoken and peer review

Education

Date	Institution name	Country	Title
—	Univeristy of Adelaide	Australia	PhD
—	Flinders University	Australia	M. Commerce (by Research)
—	University of South Australia	Australia	B. App. Sc. (Data Processing)

Certifications

Date	Title	Institution name	Country
—	Certified Information Systems Auditor (CISA)	ISACA	—
—	Certified Information Security Manager (CISM)	ISACA	—
—	Certified in the Governance of Enterprice Information Technology (CGEIT)	ISACA	—
—	Certified in Risk and Information System Controls (CRISC)	ISACA	—

Research Interests

Computer System Security Computer-Human Interaction Information Systems Strategic, Defence & Security Studies

Expand

Journals

Year	Citation
2021	Pattinson, M. (2021). Risk Communication. Encyclopedia of Cryptography, Security and Privacy.
2020	Pattinson, M., Butavicius, M., Lillie, M., Ciccarello, B., Parsons, K., Calic, D., & McCormac, A. (2020). Matching training to individual learning styles improves information security awareness. Information and Computer Security, 28(1), 1-14. DOI Scopus4
2020	Butavicius, M., Parsons, K., Lillie, M., McCormac, A., Pattinson, M., & Calic, D. (2020). When believing in technology leads to poor cyber security: Development of a trust in technical controls scale. Computers and Security, 98, 11 pages. DOI Scopus2 WoS2
2018	McCormac, A., Calic, D., Parsons, K., Butavicius, M., Pattinson, M., & Lillie, M. (2018). The effect of resilience and job stress on information security awareness. Information and Computer Security, 26(3), 277-289. DOI Scopus11
2017	McCormac, A., Zwaans, T., Parsons, K., Calic, D., Butavicius, M., & Pattinson, M. (2017). Individual differences and Information Security Awareness. Computers in Human Behavior, 69, 151-156. DOI Scopus86 WoS66
2017	Parsons, K., Calic, D., Pattinson, M., Butavicius, M., McCormac, A., & Zwaans, T. (2017). The Human Aspects of Information Security Questionnaire (HAIS-Q): Two further validation studies. Computers and Security, 66, 40-51. DOI Scopus91 WoS64
2017	McCormac, A., Calic, D., Butavicius, M., Parsons, K., Zwaans, T., & Pattinson, M. (2017). A reliable measure of Information Security Awareness and the identification of bias in responses. Australasian Journal of Information Systems, 21, 1-12. DOI Scopus8
2017	Pattinson, M., Butavicius, M., Parsons, K., McCormac, A., & Calic, D. (2017). Managing information security awareness at an Australian bank: a comparative study. Information and Computer Security, 25(2), 181-189. DOI Scopus9
2016	Pattinson, M., Parsons, K., Butavicius, M., McCormac, A., & Calic, D. (2016). Assessing information security attitudes: a comparison of two studies. Information and Computer Security, 24(2), 228-240. DOI Scopus16
2015	Parsons, K., Young, E., Butavicius, M., McCormac, A., Pattinson, M., & Jerram, C. (2015). The influence of organizational information security culture on information security decision making. Journal of Cognitive Engineering and Decision Making, 9(2), 117-129. DOI Scopus32
2015	Parsons, K., McCormac, A., Pattinson, M., Butavicius, M., & Jerram, C. (2015). The design of phishing studies: challenges for researchers. Computers and Security, 52, 194-206. DOI Scopus44 WoS33
2014	Parsons, K., McCormac, A., Pattinson, M., Butavicius, M., & Jerram, C. (2014). A study of information security awareness in Australian government organisations. Information Management and Computer Security, 22(4), 334-345. DOI Scopus30
2014	Parsons, K., McCormac, A., Butavicius, M., Pattinson, M., & Jerram, C. (2014). Determining employee awareness using the Human Aspects of Information Security Questionnaire (HAIS-Q). Computers & Security, 42, 165-176. DOI Scopus152 WoS101
2012	Pattinson, M., Jerram, C., Parsons, K., McCormac, A., & Butavicius, M. (2012). Why do some people manage phishing e-mails better than others?. Information Management & Computer Security, 20(1), 18-28. DOI Scopus70
2007	Pattinson, M. R., & Anderson, G. (2007). How well are information risks being communicated to your computer end-users?. Information Management and Computer Security, 15(5), 362-371. DOI Scopus26
2006	Pattinson, M., & Anderson, G. (2006). Risk communication, risk perception and information security. IFIP International Federation for Information Processing, 193. Scopus5
2005	Pattinson, M., & Anderson, G. (2005). Risk communication, risk perception and information security. IFIP Advances in Information and Communication Technology, 193, 175-184. DOI Scopus5

Conference Papers

Year	Citation
2021	Ravidas, D., Pattinson, M. R., & Oliver, P. (2021). Cyber Security in Healthcare Organisations. In IFIP Advances in Information and Communication Technology Vol. 613 (pp. 3-11). DOI
2018	Parsons, K., Butavicius, M., Lillie, M., Calic, D., McCormac, A., & Pattinson, M. (2018). Which individual, cultural, organisational and inerventional factors explain phishing resilience?. In N. Clarke, & S. Furnell (Eds.), Proceedings of the Twelfth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2018) (pp. 1-11). Dundee, Scotland, UK: University of Plymouth. WoS2
2018	Pattinson, M., Butavicius, M., Ciccarello, B., Lillie, M., Parsons, K., Calic, D., & McCormac, A. (2018). Adapting Cyber-Security Training to Your Employees. In N. Clarke, & S. Furnell (Eds.), PROCEEDINGS OF THE TWELFTH INTERNATIONAL SYMPOSIUM ON HUMAN ASPECTS OF INFORMATION SECURITY & ASSURANCE (HAISA 2018) (pp. 67-79). Dundee, SCOTLAND: PLYMOUTH UNIV. WoS2
2016	McCormac, A., Calic, D., Parsons, K., Zwaans, T., Butavicius, M., & Pattinson, M. (2016). Test-retest reliability and internal consistency of the human aspects of information security questionnaire (HAIS-Q). In Proceedings of the 27th Australasian Conference on Information Systems, ACIS 2016 (pp. 1-12). online: AIS. Scopus8
2016	Calic, D., Pattinson, M., Parsons, K., Butavicius, M., & McCormac, A. (2016). Naïve and accidental behaviours that compromise information security: what the experts think. In N. Clarke, & S. Furnell (Eds.), Proceedings of the 10th International Symposium on Human Aspects of Information Security & Assurance (pp. 12-21). Frankfurt, Germany: Plymouth University. Scopus12
2016	Pattinson, M., Butavicius, M., Parsons, K., McCormac, A., Calic, D., & Jerram, C. (2016). The information security awareness of bank employees. In Proceedings of the 10th International Symposium on Human Aspects of Information Security and Assurance, HAISA 2016 (pp. 189-198). Scopus2
2015	Pattinson, M., Butavicius, M., Parsons, K., McCormac, A., & Jerram, C. (2015). Examining attitudes toward information security behaviour using mixed methods. In S. Furnell, & N. Clarke (Eds.), Proceedings of the 9th International Symposium on Human Aspects of Information Security & Assurance, HAISA 2015 (pp. 57-70). United Kingdom: Plymouth University. Scopus11
2015	Parsons, K., Butavicius, M., Pattinson, M., McCormac, A., Calic, D., & Jerram, C. (2015). Do users focus on the correct cues to differentiate between phishing and genuine emails?. In ACIS 2015 Proceedings - 26th Australasian Conference on Information Systems. Online: Association for Information Systems. Scopus5
2015	Butavicius, M., Parsons, K., Pattinson, M., & McCormac, A. (2015). Breaching the human firewall: Social engineering in phishing and spear-phishing emails. In ACIS 2015 Proceedings - 26th Australasian Conference on Information Systems. Online: Association for Information Systems. Scopus18
2015	Pattinson, M., Butavicius, M., Parsons, K., McCormac, A., & Calic, D. (2015). Factors that influence information security behavior: an Australian web-based study. In T. Tryfonas, & I. Askoxylakis (Eds.), Proceedings of the International Conference on Human Aspects of Information Security, Privacy, and Trust Vol. 9190 (pp. 231-241). Los Angeles, CA: Springer. DOI Scopus27
2014	Parsons, K., Mccormac, A., Pattinson, M., Butavicius, M., & Jerram, C. (2014). Using actions and intentions to evaluate categorical responses to phishing and genuine emails. In Proceedings of the 8th International Symposium on Human Aspects of Information Security and Assurance, HAISA 2014 (pp. 30-41). Plymouth, United Kingdom: University of Plymouth. Scopus2
2013	Parsons, K., McCormac, A., Pattinson, M., Butavicius, M., & Jerram, C. (2013). An analysis of information security vulnerabilities at three Australian government organisations. In Proceedings of the European Information Security Multi-Conference, EISMC 2013 (pp. 34-44). Scopus8
2013	Parsons, K., McCormac, A., Pattinson, M., Butavicius, M., & Jerram, C. (2013). Phishing for the truth: A scenario-based experiment of users’ behavioural response to emails. In L. Janczewski, H. Wolfe, & S. Shenoi (Eds.), IFIP Advances in Information and Communication Technology Vol. 405 (pp. 366-378). Auckland, NEW ZEALAND: SPRINGER-VERLAG BERLIN. DOI Scopus34 WoS21
2013	Pattinson, M., & Jerram, C. (2013). A study of information systems risk perceptions at a local government organisation. In Proceedings of the 24th Australasian Conference on Information Systems. Scopus1
2013	Parsons, K., McCormac, A., Butavicius, M., Pattinson, M., & Jerram, C. (2013). The development of the human aspects of information security questionnaire (HAIS-Q). In Proceedings of the 24th Australasian Conference on Information Systems (pp. 1-12). Australia. Scopus2
2011	Pattinson, M., Jerram, C., Parsons, K., McCormac, A., & Butavicius, M. (2011). Managing phishing emails: A scenario-based experiment. In Proceedings of the 5th International Symposium on Human Aspects of Information Security and Assurance, HAISA 2011 (pp. 75-85). Scopus3
2010	Pattinson, M., & Jerram, C. (2010). Examining end-user perceptions of information risks: an application of the Repertory Grid Technique. In Proceedings of the South African Information Security Multi-Conference (pp. 2-12). UK: University of Plymouth.
2009	Ram, J., & Pattinson, M. (2009). Exploring antecedents of organisational adoption of ERP and their effect on performance of firms. In Proceedings of the 17th European Conference on Information Systems (pp. 1-13). Online: Association for Information Systems. Scopus6
2007	Pattinson, M., & Anderson, G. (2007). How well are information risks being communicated to your computer end-users?. In Proceedings of the International Symposium on Human Aspects of Information Security and Assurance, HAISA 2007 (pp. 25-36). Scopus1

Expand

Current Higher Degree by Research Supervision (University of Adelaide)

Date	Role	Research Topic	Program	Degree Type	Student Load	Student Name
2015	External Supervisor	The Assessment and Management of Human Resource Risk for Personnel Deployed on International Operations	Doctor of Philosophy	Doctorate	Part Time	Mr Mark Golsby

Expand

Board Memberships

Date Role Board name Institution name Country
2015 - 2016 Board Member Adelaide Chapter ISACA Australia

Date	Role	Board name	Institution name	Country
2015 - 2016	Board Member	Adelaide Chapter	ISACA	Australia

Position: Adelaide Research Fellow
Phone: 83133529
Email: malcolm.pattinson@adelaide.edu.au
Fax: 8313 4952
Campus: North Terrace
Building: Nexus 10 Tower, floor 10
Room: 10 40
Org Unit: Marketing

Dr Malcolm Pattinson

Appointments

Language Competencies

Education

Certifications

Research Interests

Journals

Conference Papers

Current Higher Degree by Research Supervision (University of Adelaide)

Board Memberships

Connect With Me

External Profiles