Associate Professor Nalin Arachchilage

Dr Nalin Arachchilage is an Associate Professor in Cyber Security in the School of Computing Technologies at RMIT University, a Regenerative Futures Fellow, and the Group Leader of the Human-Centred Cyber Security (HCCS) research group within the RMIT Centre for Cyber Security Research and Innovation (CCSRI). He currently leads the redevelopment of RMIT’s Master of Cyber Security program, integrating regenerative futures principles to create a cutting-edge, industry-informed, and culturally inclusive curriculum that fosters sustainable, ethical, and resilient cyber capabilities for the evolving digital landscape.

Nalin’s career reflects a global journey of academic leadership and innovation across Australia, New Zealand, the United Kingdom, Canada, Vietnam, and Sri Lanka. He has held senior research and teaching roles that bridge academia, industry, and government, shaping the next generation of cybersecurity education and practice.

At the University of Auckland, he served as Senior Lecturer and Assistant Head of School (Research), where he led the Master of Professional Studies in Digital Security program and strengthened research capacity in emerging areas of cyber resilience. He was previously a Senior Research Fellow at La Trobe University, contributing to the Optus–La Trobe Cyber Security Research Hub, advancing applied cybersecurity research and industry collaboration.

Nalin led the Usable Security Engineering Group, where he pioneered Australia’s first human-centred cybersecurity courses for defence personnel, integrating behavioural science with secure systems design. His international research journey began at the University of Oxford, where he worked as a Postdoctoral Research Assistant on systems security engineering and trust frameworks, followed by a Postdoctoral Fellowship at the University of British Columbia (UBC), Canada, exploring human behaviour and decision-making in digital security and privacy.

He has also held an Honorary Associate Professorship in Cyber Security at the University of Warwick (UK) and currently serves as a Technical Advisor to DEFSAFE Cyber Security Inc. (New Zealand), providing strategic direction on cyber risk, training, and product innovation.

Together, these experiences position Nalin as a thought leader at the intersection of research, education, and policy, dedicated to strengthening cyber resilience across communities, industry, and national security sectors.

Research Focus:

Nalin’s research advances human-centred cybersecurity and privacy by integrating the human, technical, and policy dimensions of digital trust. Positioned at the intersection of computer security, human–computer interaction (HCI), software engineering, machine learning (ML), and natural language processing (NLP), his work focuses on building secure, ethical, and resilient technologies that place people at the centre of digital design.

With a strong emphasis on AI safety and responsible technology development, Nalin’s research tackles some of the most pressing national and global cyber challenges, including:

🧠 Human-Centred Cybersecurity & Privacy: Designing secure systems that account for user behaviour, cognition, and decision-making.

🔐 Applied & Post-Quantum Cryptography: Supporting developers to integrate quantum-resilient algorithms into contemporary applications.

🤖 AI, ML, NLP & Responsible AI Security: Safeguarding systems and societies against AI-driven deception, misinformation, and adversarial attacks.

🛰️ Critical Infrastructure, Space, Satellite & IoT Security: Enhancing resilience and trust in cyber-physical and Positioning, Navigation and Timing (PNT) systems.

⚙️ Cybersecurity Capability, Policy & Regulation: Informing policy frameworks that strengthen national digital security and workforce capability.

Nalin’s interdisciplinary research has led to high-impact outcomes — including improving the OWASP Enterprise Security API (ESAPI 2.2.1.0), enabling developers worldwide to build more secure applications. He has presented his research at Facebook Headquarters (Menlo Park, USA), collaborated with HP Labs (Bristol, UK), and his work has featured widely across national and international media (ABC TV, ABC News Radio, Sky News Australia, TVNZ 1 News, Guardian Labs, and 10 News TV Australia).

Leadership & Engagement:

A recognised thought leader in human-centred cybersecurity, Nalin has served on program committees for the world’s premier security and privacy venues, including:

ACM CCS (2022–2024), ACM AsiaCCS (2023–2024), USEC (2025-2026), USENIX SOUPS (2018–2024), ACM CSCW(Associate Chair 2019–2024), ACM FAccT 2022, and EASE 2019.
He has also contributed as Karat Award Chair (SOUPS 2021), SOUPS Mentor (2020), and ACM CSCW Awards Committee Member (2023) — reflecting his sustained global leadership in usable security and privacy research.

Academic Pathway & Mentorship:

Nalin holds a PhD in Cyber Security from Brunel University London, where he developed a game-based learning framework to teach users how to defend against phishing attacks. He also earned an MSc in Information Management and Security (University of Bedfordshire, UK) and a BSc (Hons) in Management Information Systems from University College Dublin, Ireland.

He is a Sun Certified Java Programmer (SCJP) and has extensive international teaching experience across leading universities in the UK, Canada, and Australia.

Dr Arachchilage actively supervises PhD, Master’s, and Honours students at RMIT University.
Prospective students or collaborators interested in cybersecurity, privacy, AI security, or human-centred cyber research are warmly encouraged to contact him at nalin.arachchilage@rmit.edu.au.