Dr Atif Ahmad
Adjunct Senior Lecturer
Dr Ahmad has been teaching Information Security Management at the Department of Information Systems, University of Melbourne since 2003. In addition, he teaches three further subjects - eRisk Management, Incident Response and Strategic Security Management for the School of Enterprise as part of a Masters eCrime Program.
Subjects Currently Teaching at the University of Melbourne:
- Information Security Consulting – Postgraduate Subject
- Strategic Security Management (Information Security) – Postgraduate Subject
- Incident Response & Disaster Recovery – Postgraduate Subject
Specializes in information security risk identification and assessment, also has an interest and consulting experience in Document Security and Leakage Prevention. In the last seven years Atif has applied his expertise to critical infrastructure installations through association with Worley Parsons Ltd, Pinkerton Consulting Services (Australia) Ltd and other leading consulting firms.
In his capacity as the director of the Organizational Information Security Research Group, Atif supervises PhD students and collaborates on research grants. He is also involved in teaching and research both at an undergraduate as well as a postgraduate level in the area of information security and digital forensics.
1998-current: Academic, Department of Information Systems, University of Melbourne
In his capacity as the director of the Organizational Information Security Research Group Dr Ahmad supervises PhD Students and collaborates on research grants. He is also involved in teaching and research both at an Undergraduate and postgraduate level in the area of information security and digital forensics. He workw with a team of ten staff and postgraduate researchers on security areas such as risk, governance, culture, and forensics and knowledge management.
2002-May 2007: Subcontractor with Worley Parsons Ltd
Dr Ahmad functioned as an information security auditor and risk assessor for Worley Parsons. He has worked mainly with Worley Parsons’ energy clients, although has been asked to do information security audits as well. At Worley Parsons he functions as part of an integrated physical-cyber team where he is solely responsible for the cyber aspects of risk assessment and audit.
2000-May 2007: Subcontractor with Pinkerton Consulting (Aus) / Information Risk Group (USA)
Dr Ahmad had been leading information security audits of Pinkerton’s Australian and American clients since 2000. Through Pinkerton’s association, he has audited both traditional information-oriented corporations as well as Global Internet firms at the bleeding-edge of technological progress.
Awards and Recognition
- 2001: CPP- Board Certified Protection Professional (Security)
American Society for Industrial Security (ASIS)
Research Areas and Interests
- Document Security and Leakage Prevention
Dr Ahmad has been involved in information security and forensics research since 1995 studying at the Department of Computer Science. He jointly founded the Organizational and Information Security Group (OISG) with Dr. A.B. Ruighaver at the Department of Information Systems.This group was previously known as the Computer Security and Forensics Group. The last ten years has seen OISG move away from traditional (technical) computer security research towards information security in an organizational setting.
The OISG researches three main areas reflecting the interests of its core staff. These are Governance, Culture, and Risk Management in the domain of Information Security. The strong synergy between the three areas has enabled significant research progress to be achieved in a very short time.
Relative to peers in my research area I have an impressive publications record (three best listed below). In addition, in the last five years I have been involved in an intensive grant writing process as part of an interdisciplinary team of security researchers based at the University of Melbourne (full account of grant activity at the end of this CV).
Recent Publications (within the last five years)
- Soon Lim, J., Chang, S., Ahmad, A., Maynard, S., (2012), Towards an organizational culture framework for information security practices. Strategic and Practical Approaches for Information Security Governance: Technologies and Applied Solutions, 296-315, United States of America, DOI: 10.4018/978-1-4666-0197-0.ch017.
- Ahmad, A., Hadgkiss, J., Ruighaver, AB., (2012), Incident Response Teams - Challenges in Supporting the Organizational Security Function. Computers & Security, 31(5), 643-652, Amsterdam, The Netherlands.
- Molok, N., Ahmad, A., Chang, S., (2012), Online Social Networking: A Source of Intelligence for Advanced Persistent Threats. International Journal of Cyber Warfare and Terrorism, 2(1), 1-13, United States, DOI: 10.4018/ijcwt.2012010101.
- Ahmad, A., Maynard, S., Park, S., (2012), Information security strategies: towards an organizational multi-strategy perspective. Journal of Intelligent Manufacturing, 2012(July), 1-14, DOI: 10.1007/s10845-012-0683-0.
- Molok, NN., Ahmad, A., Chang, S., (2011), Information Leakage through Online Social Networking Opening the Doorway for Advanced Persistence Threats. The Journal of the Australian Institute of Professional Intelligence Officers, 19(2), 38-55.
- Ruighaver, A., Warren, M., Ahmad, A., (2011), Does traditional security risk assessment have a future in Information Security?. Journal of Information Warfare, 10(3), 16-28, Perth Western Australia.