Associate Professor Nalin Arachchilage

Dr Nalin Arachchilage is an Associate Professor in Cyber Security in the School of Computing Technologies at RMIT University, a Regenerative Futures Fellow, and the Group Leader of the Human-Centred Cyber Security (HCCS) research group within the RMIT Centre for Cyber Security Research and Innovation (CCSRI). Nalin's research advances human-centred cybersecurity and privacy by integrating the human, technical, and policy dimensions of digital trust. Positioned at the intersection of cyber security, human–computer interaction (HCI), software engineering, machine learning (ML), and natural language processing (NLP), his work focuses on building secure, ethical, and resilient technologies that place people at the centre of digital design. In recognition of his research impact and outreach, Nalin received RMIT’s Top Performer – Media Stars Award (2025). He currently leads the redevelopment of RMIT’s Master of Cyber Security program, integrating regenerative futures principles to create a cutting-edge, industry-informed, and culturally inclusive curriculum that fosters sustainable, ethical, and resilient cyber capabilities for the evolving digital landscape.

Nalin’s career reflects a global journey of academic leadership and innovation across Australia, New Zealand, the United Kingdom, Canada, Vietnam, and Sri Lanka. He has held senior research and teaching roles that bridge academia, industry, and government, shaping the next generation of cybersecurity education and practice.

At the University of Auckland, he served as Senior Lecturer and Assistant Head of School (Research), where he led the Master of Professional Studies in Digital Security program and strengthened research capacity in emerging areas of cyber resilience. He was previously a Senior Research Fellow at La Trobe University, contributing to the Optus–La Trobe Cyber Security Research Hub, advancing applied cybersecurity research and industry collaboration.

Nalin worked as a Lecturer in Cyber Security and previously led the Usable Security Engineering Group at UNSW within the Australian Defence Force Academy (ADFA), where he pioneered Australia’s first human‑centred cybersecurity courses for defence personnel.

His leadership brought together behavioural science and secure systems engineering to strengthen cyber resilience within military and national‑security contexts. His international research career began at the University of Oxford, where he worked as a Postdoctoral Research Assistant specialising in systems security engineering and trust frameworks. He then continued to the University of British Columbia (UBC) in Canada as a Postdoctoral Fellow, where he advanced research into technical security solutions that meaningfully integrate human behaviour, decision‑making, and risk perception into digital security and privacy design.

He has also held an Honorary Associate Professorship in Cyber Security at the University of Warwick (UK) and currently serves as a Technical Advisor to DEFSAFE Cyber Security Inc. (New Zealand), providing strategic direction on cyber risk, training, and product innovation.

Together, these experiences position Nalin as a thought leader at the intersection of research, education, and policy, dedicated to strengthening cyber resilience across communities, industry, and national security sectors.

 

Research Focus:

With a strong emphasis on building secure, resilient, and quantum‑ready critical infrastructure systems, Nalin’s research tackles some of the most pressing national and global cyber challenges, including:

🧠 Human-Centred Cybersecurity & Privacy: Designing secure systems that account for user behaviour, cognition, and decision-making.

🔐 Applied & Post-Quantum Cryptography: Supporting developers to integrate quantum-resilient algorithms into contemporary applications.

🤖 AI, ML, NLP & Responsible AI Security: Safeguarding systems and societies against AI-driven deception, misinformation, and adversarial attacks.

🛰️ Critical Infrastructure, Space, Satellite & IoT Security: Enhancing resilience and trust in cyber-physical and Positioning, Navigation and Timing (PNT) systems.

⚙️ Cybersecurity Capability, Policy & Regulation: Informing policy frameworks that strengthen national digital security and workforce capability.

 

Nalin’s interdisciplinary research has led to high-impact outcomes — including improving the OWASP Enterprise Security API (ESAPI 2.2.1.0), enabling developers worldwide to build more secure applications. He has presented his research at Facebook Headquarters (Menlo Park, USA), collaborated with HP Labs (Bristol, UK), and his work has featured widely across national and international media (ABC TV, ABC News Radio, Sky News Australia, TVNZ 1 News, Guardian Labs, and 10 News TV Australia).

 

Leadership & Engagement:

A recognised thought leader in human-centred cybersecurity, Nalin has served on program committees for the world’s premier security and privacy venues, including:

ACM CCS (2022–2024), ACM AsiaCCS (2023–2024), USEC (2025-2026), USENIX SOUPS (2018–2024), ACM CSCW(Associate Chair 2019–2024), ACM FAccT 2022, and EASE 2019.
He has also contributed as Karat Award Chair (SOUPS 2021), SOUPS Mentor (2020), and ACM CSCW Awards Committee Member (2023) — reflecting his sustained global leadership in usable security and privacy research.

 

Academic Pathway & Mentorship:

Nalin holds a PhD in Cyber Security from Brunel University London, where he developed a game-based learning framework to teach users how to defend against phishing attacks. He also earned an MSc in Information Management and Security (University of Bedfordshire, UK) and a BSc (Hons) in Management Information Systems from University College Dublin, Ireland.

He is a Sun Certified Java Programmer (SCJP) and has extensive international teaching experience across leading universities in the UK, Canada, and Australia.

 

Dr Arachchilage actively supervises PhD, Master’s, and Honours students at RMIT University.
Prospective students or collaborators interested in cybersecurity, privacy, AI security, or human-centred cyber research are warmly encouraged to contact him atnalin.arachchilage@rmit.edu.au.