Who am I?
I am an Associate Professor at the University of Melbourne's School of Computing & Information Systems where I serve as Deputy Director of the Academic Centre of Cyber Security Excellence. My research and consulting expertise is in cybersecurity strategy, risk management, incident response and intellectual property protection
What is my research about?
I lead a unique team of Cybersecurity Management researchers drawn from Information Systems, Business Administration, Security Intelligence, and Information Warfare. I have authored over ninety scholarly articles in cybersecurity and received over $4M in grant funding. I am a member of the editorial board for the journal Computers & Security. My research has been published in high-impact journals such as the Journal of the Association for Information Science and Technology, Computers & Security and the International Journal of Information Management as well as leading conferences such as the International Conference on Information Systems.
Who do I work with?
I am affiliated with the Oceania Cyber Security Centre. I am an Ambassador for the Strategy and Policy dimensions of the Capacity Maturity Model for Nations. I have previously served as a cybersecurity consultant for WorleyParsons, Pinkerton and SinclairKnightMerz. I am a Certified Protection Professional with the American Society for Industrial Security.
Welcome to my personal academic website! My research is motivated by the research question:
How can organizations adapt their information-security strategy to an increasingly complex and evolving threat landscape?
I explore this question in a team of Cybersecurity Management researchers with my colleagues Sean Maynard, Humza Naseer and Moneer AlShaikh and ten PhD students. We are situated in the Doug McDonell building at the picturesque Parkville campus of the University of Melbourne.
We believe that the organisational capability to secure information resources spans people, process as well as technology. However, good cybersecurity starts at the top of an organisation and is embedded in quality management processes and practices.
Cybersecurity Management at the University of Melbourne is a unique team of organisational researchers with backgrounds in information systems, business administration, military science, political science, security intelligence, and information warfare.
Key Research Projects: Organizational Response to Cyber Attacks, Enterprise Security Strategy, IP & Trade Secret Leakage, Risk Assessment, Information Warfare.
The Cybersecurity Management team have released a short film on cybersecurity aimed at highlighting one of the key gaps in industry - vulnerabilities arising from the traditional disconnect between the Business and IT parts of the organization.
The film presents the story of Horizon, a pharmaceutical startup that has engineered a next generation drug only to have it stolen by a shadowy competitor. The CEO discovers an information security breach at the heart of a sophisticated and deliberate attack aimed at stealing the firm's core business capability.
The trailer features below. If you'd like to see the full 20 minute film please contact me on .