Dr Malcolm Pattinson

Adelaide Research Fellow

Office of the Deputy Vice-Chancellor and Vice-President (Research)

Division of Research and Innovation

Eligible to supervise Masters and PhD (as Co-Supervisor) - email supervisor to discuss availability.

My Research
Career
Publications
Supervision
Professional Activities
Contact

I am currently a Senior Research Fellow in the Adelaide Business School. Over the last two decades, my work has been dedicated to teaching and research in the domain of Information Security and Cyber Security, particularly in regard to the behaviour of digital-device users and how it impacts on organisational security. I am an integral member the multi-disciplinary Human Aspects of Cyber Security (HACS) Research Group, which has conducted research projects relating to: susceptibility of phishing email recipients; social engineering techniques of hackers; risk perceptions and behaviours of employees; cognitive aspects and personality traits of computer users; and the information security awareness of individuals. I am also a board member of the IFIP International Human Aspects of Information Security and Assurance (HAISA) conference, having hosted the November 2017 conference in Adelaide, Australia.

Appointments

Date	Position	Institution name
2017 - 2017	Adelaide Research Fellow	University of Adelaide
2010 - ongoing	Senior Research Fellow	Unirversity of Adelaide
1990 - 2009	Lecturer	University of South Australia

Language Competencies

Language Competency
English Can read, write, speak, understand spoken and peer review

Language	Competency
English	Can read, write, speak, understand spoken and peer review

Education

Institution name	Country	Title
Univeristy of Adelaide	Australia	PhD
Flinders University	Australia	M. Commerce (by Research)
University of South Australia	Australia	B. App. Sc. (Data Processing)

Certifications

Date	Title	Institution name	Country
—	Certified Information Systems Auditor (CISA)	ISACA	-
—	Certified Information Security Manager (CISM)	ISACA	-
—	Certified in the Governance of Enterprice Information Technology (CGEIT)	ISACA	-
—	Certified in Risk and Information System Controls (CRISC)	ISACA	-

Research Interests

Computer System Security Computer-Human Interaction Information Systems Strategic, Defence & Security Studies

Journals

Year	Citation
2021	Pattinson, M. (2021). Risk Communication. Encyclopedia of Cryptography, Security and Privacy.
2020	Pattinson, M., Butavicius, M., Lillie, M., Ciccarello, B., Parsons, K., Calic, D., & McCormac, A. (2020). Matching training to individual learning styles improves information security awareness. Information and Computer Security, 28(1), 1-14. DOI Scopus10
2020	Butavicius, M., Parsons, K., Lillie, M., McCormac, A., Pattinson, M., & Calic, D. (2020). When believing in technology leads to poor cyber security: Development of a trust in technical controls scale. Computers and Security, 98, 11 pages. DOI Scopus8 WoS7
2018	McCormac, A., Calic, D., Parsons, K., Butavicius, M., Pattinson, M., & Lillie, M. (2018). The effect of resilience and job stress on information security awareness. Information and Computer Security, 26(3), 277-289. DOI Scopus18
2017	McCormac, A., Zwaans, T., Parsons, K., Calic, D., Butavicius, M., & Pattinson, M. (2017). Individual differences and Information Security Awareness. Computers in Human Behavior, 69, 151-156. DOI Scopus139 WoS116
2017	Parsons, K., Calic, D., Pattinson, M., Butavicius, M., McCormac, A., & Zwaans, T. (2017). The Human Aspects of Information Security Questionnaire (HAIS-Q): Two further validation studies. Computers and Security, 66, 40-51. DOI Scopus130 WoS97
2017	McCormac, A., Calic, D., Butavicius, M., Parsons, K., Zwaans, T., & Pattinson, M. (2017). A reliable measure of Information Security Awareness and the identification of bias in responses. Australasian Journal of Information Systems, 21, 1-12. DOI Scopus16
2017	Pattinson, M., Butavicius, M., Parsons, K., McCormac, A., & Calic, D. (2017). Managing information security awareness at an Australian bank: a comparative study. Information and Computer Security, 25(2), 181-189. DOI Scopus15
2016	Pattinson, M., Parsons, K., Butavicius, M., McCormac, A., & Calic, D. (2016). Assessing information security attitudes: a comparison of two studies. Information and Computer Security, 24(2), 228-240. DOI Scopus17
2015	Parsons, K., Young, E., Butavicius, M., McCormac, A., Pattinson, M., & Jerram, C. (2015). The influence of organizational information security culture on information security decision making. Journal of Cognitive Engineering and Decision Making, 9(2), 117-129. DOI Scopus42
2015	Parsons, K., McCormac, A., Pattinson, M., Butavicius, M., & Jerram, C. (2015). The design of phishing studies: challenges for researchers. Computers and Security, 52, 194-206. DOI Scopus56 WoS42
2014	Parsons, K., McCormac, A., Pattinson, M., Butavicius, M., & Jerram, C. (2014). A study of information security awareness in Australian government organisations. Information Management and Computer Security, 22(4), 334-345. DOI Scopus38
2014	Parsons, K., McCormac, A., Butavicius, M., Pattinson, M., & Jerram, C. (2014). Determining employee awareness using the Human Aspects of Information Security Questionnaire (HAIS-Q). Computers & Security, 42, 165-176. DOI Scopus195 WoS138
2012	Pattinson, M., Jerram, C., Parsons, K., McCormac, A., & Butavicius, M. (2012). Why do some people manage phishing e-mails better than others?. Information Management & Computer Security, 20(1), 18-28. DOI Scopus77
2007	Pattinson, M. R., & Anderson, G. (2007). How well are information risks being communicated to your computer end-users?. Information Management and Computer Security, 15(5), 362-371. DOI Scopus28
2006	Pattinson, M., & Anderson, G. (2006). Risk communication, risk perception and information security. IFIP International Federation for Information Processing, 193. Scopus5
2005	Pattinson, M., & Anderson, G. (2005). Risk communication, risk perception and information security. IFIP Advances in Information and Communication Technology, 193, 175-184. DOI Scopus7

Conference Papers

Year	Citation
2021	Ravidas, D., Pattinson, M. R., & Oliver, P. (2021). Cyber Security in Healthcare Organisations. In IFIP Advances in Information and Communication Technology Vol. 613 (pp. 3-11). Cham, Switzerland: Springer. DOI
2018	Parsons, K., Butavicius, M., Lillie, M., Calic, D., McCormac, A., & Pattinson, M. (2018). Which individual, cultural, organisational and inerventional factors explain phishing resilience?. In N. Clarke, & S. Furnell (Eds.), Proceedings of the Twelfth International Symposium on Human Aspects of Information Security & Assurance (HAISA 2018) (pp. 1-11). Dundee, Scotland, UK: University of Plymouth. WoS5
2018	Pattinson, M., Butavicius, M., Ciccarello, B., Lillie, M., Parsons, K., Calic, D., & McCormac, A. (2018). Adapting Cyber-Security Training to Your Employees. In N. Clarke, & S. Furnell (Eds.), PROCEEDINGS OF THE TWELFTH INTERNATIONAL SYMPOSIUM ON HUMAN ASPECTS OF INFORMATION SECURITY & ASSURANCE (HAISA 2018) (pp. 67-79). Dundee, SCOTLAND: PLYMOUTH UNIV. WoS3
2016	McCormac, A., Calic, D., Parsons, K., Zwaans, T., Butavicius, M., & Pattinson, M. (2016). Test-retest reliability and internal consistency of the human aspects of information security questionnaire (HAIS-Q). In Proceedings of the 27th Australasian Conference on Information Systems, ACIS 2016 (pp. 1-12). online: AIS. Scopus13
2016	Calic, D., Pattinson, M., Parsons, K., Butavicius, M., & McCormac, A. (2016). Naïve and accidental behaviours that compromise information security: what the experts think. In N. Clarke, & S. Furnell (Eds.), Proceedings of the 10th International Symposium on Human Aspects of Information Security & Assurance (pp. 12-21). Frankfurt, Germany: Plymouth University. Scopus13
2016	Pattinson, M., Butavicius, M., Parsons, K., McCormac, A., Calic, D., & Jerram, C. (2016). The information security awareness of bank employees. In Proceedings of the 10th International Symposium on Human Aspects of Information Security and Assurance, HAISA 2016 (pp. 189-198). Scopus4
2015	Pattinson, M., Butavicius, M., Parsons, K., McCormac, A., & Jerram, C. (2015). Examining attitudes toward information security behaviour using mixed methods. In S. Furnell, & N. Clarke (Eds.), Proceedings of the 9th International Symposium on Human Aspects of Information Security & Assurance, HAISA 2015 (pp. 57-70). United Kingdom: Plymouth University. Scopus11
2015	Parsons, K., Butavicius, M., Pattinson, M., McCormac, A., Calic, D., & Jerram, C. (2015). Do users focus on the correct cues to differentiate between phishing and genuine emails?. In ACIS 2015 Proceedings - 26th Australasian Conference on Information Systems. Online: Association for Information Systems. Scopus10
2015	Butavicius, M., Parsons, K., Pattinson, M., & McCormac, A. (2015). Breaching the human firewall: Social engineering in phishing and spear-phishing emails. In ACIS 2015 Proceedings - 26th Australasian Conference on Information Systems. Online: Association for Information Systems. Scopus26
2015	Pattinson, M., Butavicius, M., Parsons, K., McCormac, A., & Calic, D. (2015). Factors that influence information security behavior: an Australian web-based study. In T. Tryfonas, & I. Askoxylakis (Eds.), Proceedings of the International Conference on Human Aspects of Information Security, Privacy, and Trust Vol. 9190 (pp. 231-241). Los Angeles, CA: Springer. DOI Scopus30
2014	Parsons, K., Mccormac, A., Pattinson, M., Butavicius, M., & Jerram, C. (2014). Using actions and intentions to evaluate categorical responses to phishing and genuine emails. In Proceedings of the 8th International Symposium on Human Aspects of Information Security and Assurance, HAISA 2014 (pp. 30-41). Plymouth, United Kingdom: University of Plymouth. Scopus2
2013	Parsons, K., McCormac, A., Pattinson, M., Butavicius, M., & Jerram, C. (2013). An analysis of information security vulnerabilities at three Australian government organisations. In Proceedings of the European Information Security Multi-Conference, EISMC 2013 (pp. 34-44). Scopus10
2013	Parsons, K., McCormac, A., Pattinson, M., Butavicius, M., & Jerram, C. (2013). Phishing for the truth: A scenario-based experiment of users’ behavioural response to emails. In L. Janczewski, H. Wolfe, & S. Shenoi (Eds.), IFIP Advances in Information and Communication Technology Vol. 405 (pp. 366-378). Auckland, NEW ZEALAND: SPRINGER-VERLAG BERLIN. DOI Scopus46 WoS28
2013	Pattinson, M., & Jerram, C. (2013). A study of information systems risk perceptions at a local government organisation. In Proceedings of the 24th Australasian Conference on Information Systems. Scopus2
2013	Parsons, K., McCormac, A., Butavicius, M., Pattinson, M., & Jerram, C. (2013). The development of the human aspects of information security questionnaire (HAIS-Q). In Proceedings of the 24th Australasian Conference on Information Systems (pp. 1-12). Australia. Scopus7
2011	Pattinson, M., Jerram, C., Parsons, K., McCormac, A., & Butavicius, M. (2011). Managing phishing emails: A scenario-based experiment. In Proceedings of the 5th International Symposium on Human Aspects of Information Security and Assurance, HAISA 2011 (pp. 75-85). Scopus6
2010	Pattinson, M., & Jerram, C. (2010). Examining end-user perceptions of information risks: an application of the Repertory Grid Technique. In Proceedings of the South African Information Security Multi-Conference (pp. 2-12). UK: University of Plymouth.
2009	Ram, J., & Pattinson, M. (2009). Exploring antecedents of organisational adoption of ERP and their effect on performance of firms. In Proceedings of the 17th European Conference on Information Systems (pp. 1-13). Online: Association for Information Systems. Scopus7
2007	Pattinson, M., & Anderson, G. (2007). How well are information risks being communicated to your computer end-users?. In Proceedings of the International Symposium on Human Aspects of Information Security and Assurance, HAISA 2007 (pp. 25-36). Scopus1
2003	Pattinson, M. R. (2003). COMPLIANCE WITH AN INFORMATION SECURITY MANAGEMENT STANDARD: A NEW APPROACH. In 9th Americas Conference on Information Systems, AMCIS 2003 (pp. 2050-2058). Scopus3

Current Higher Degree by Research Supervision (University of Adelaide)

Date	Role	Research Topic	Program	Degree Type	Student Load	Student Name
2015	Co-Supervisor	The Assessment and Management of Human Resource Risk for Personnel Deployed on International Operations	Doctor of Philosophy	Doctorate	Part Time	Mr Mark Golsby

Board Memberships

Date Role Board name Institution name Country
2015 - 2016 Board Member Adelaide Chapter ISACA Australia

Date	Role	Board name	Institution name	Country
2015 - 2016	Board Member	Adelaide Chapter	ISACA	Australia

Position: Adelaide Research Fellow
Email: malcolm.pattinson@adelaide.edu.au
Fax: 83134952
Campus: North Terrace
Building: Nexus 10, floor 10
Org Unit: Defence and Security Institute

Dr Malcolm Pattinson

Appointments

Language Competencies

Education

Certifications

Research Interests

Journals

Conference Papers

Current Higher Degree by Research Supervision (University of Adelaide)

Board Memberships

Connect With Me

External Profiles