Profile

Mathew Nicho
Title: Dr
First Name: Mathew
Surname: Nicho
Position: Lecturer
Telephone: 01224 262734
Email:
ORCID: http://orcid.org/0000-0001-7129-3988

 

Duties and Responsibilities

  • Teaching undergraduate and postgraduate modules
  • Current and recent past (Network Security; IS Strategy; Information Security; Networking; IT Governance; Cloud Computing; Enterprise Architecture)
  • Supervision of PhD and MSc thesis students
  • Academic and industry oriented research

Academic Background

  • PhD (School of Computing and Mathematical Sciences, Auckland University of Technology [AUT], Auckland, New Zealand) 2009
  • MIS (School of Computing and Mathematical Sciences, AUT, Auckland, New Zealand) 2004

Research Interests

  • Information Security, Proactive Insider Threat Detection, Advanced Persistent Threats – Vulnerabilities and Mitigation, Governance Risk and Compliance (GRC) Models, Cloud Computing Security, Healthcare Information Systems Security, IT Governance (COBIT, ITIL), Payment Card Industry Data Security Standards – Implementation Issues, Big Data Analytics.

Funding

  • PECE Bursary Award: Awarded the Postdoctoral and Early Career Researcher Exchanges (PECE) award from the Scottish Informatics and Computer Science Alliance (SICSA) in 2015. 

Professional Memberships

  • Member of Information Systems Audit and Control Association (ISACA) since 2007
  • Member of British Computer Society 

External / Professional Roles

  • Certified Ethical Hacker (CEH): Certified by EC-Council in January 2010
  • Real World Security Practitioner (RWSP): Certified by Peak Security in February 2011 at the 2010 Black Hat Security Conference
  • SAP-Systems Architect: SAP TERP 10: Certified by SAP in March 2011
  • Cloud Infrastructure and Services - Associate: Certified by EMC in December 2013
  • ITIL® Foundation certificate in IT Service Management: Certified by the British Computer Society - The Chartered Institute of IT and Axelos in August 2015

Publications

Book chapters

  • Nicho, M. (2012). "An Information Governance Model for Information Security Management", in the book IT Security Governance Innovations: Theory and Research, IGI Publishing. Chief Editor: Daniel Mellado.

Selected Journal Articles

  • Khan, S., Nicho, M., & Cooper, G. (2015). A Role Allocation Model for IT Controls in a Cloud Environment. Review of Business Information Systems. Vol. 19, No. 1.
  • Nicho, M., & Kamoun, F. (2014). A Multiple Case Study Approach to Identify Aggravating Variables of Insider Threats in Information Systems. Communications of the Association of Information Systems. Vol. 35, No. 18. (High impact journal in the ISI Q2; and 'A' in ABDC)
  • Nicho, M., & Khan, S. (2014). Identifying Vulnerabilities of Advanced Persistent Threats: An Organizational Perspective. International Journal of Information Security and Privacy. Vol. 8, No. 1.
  • Kamoun, F., & Nicho, M. (2014). Human and Organizational Factors of Healthcare Data Breaches: The Swiss Cheese Model of Data Breach Causation and Prevention. International Journal of Healthcare Information Systems. Vol. 9, No. 1.
  • Nicho, M., & Hendy, M. (2013). Dimensions of Security Threats in Cloud Computing: A Case Study. Review of Business Information Systems. Vol. 17, No. 4.
  • Nicho, M., & Fakhry, H. (2013). Using COBIT V for Data Breach Prevention. Information Systems Control Journal. Vol. 5.
  • Nicho, M., & Al Mourad, B. (2012). Success Factors for Integrated ITIL Deployment: An IT Governance Classification. Journal of Information Technology Case and Application Research (JITCAR). Vol. 14, No. 1.
  • Nicho, M. (2012). Incorporating COBIT Best Practices in PCI DSS 2.0 for Effective Compliance. Information Systems Control Journal. Vol. 1.
  • Nicho, M., & Fakhry, H. (2011). An Integrated Security Governance Framework for Effective PCI DSS Implementation. International Journal of Information Security and Privacy.
  • Nicho, M. (2004). Implementation Failures in Customer Relationship Management Software. Journal of Applied Computing and Information Technology. 2(1), pp. 12-16.

Selected Conference Articles

  • Nicho, M., & Advani, A. (2012). "A Data Centric Security Cycle Model for Data Loss Prevention of Custodial Data and Company Intellectual Property". Paper presented at the Sixth International Conference on Emerging Security Information, Systems and Technologies, SECURWARE 2012, August 19 - 24, 2012 - Rome, Italy.
  • Nicho, M. (2012). An Optimized Dynamic Process Model of IS Security Governance Implementation. Paper presented at the International Conference on Information Resources Management (Conf-IRM), Vienna, Austria, 21 to 23rd May, 2012.
  • Nicho, M. (2008). "Operational Issues in Measurement Using COBIT". Paper presented at the 2008 Corporate Governance of IT International Conference, Wellington, New Zealand (December 1 - 2). http://www.yourconference.info/
  • Nicho, M., & Cusack, B. (2007). "A Metrics Generation Model for IT Audit". Paper presented at the 40th Hawaii International Conference on Systems Sciences, Hawaii, 2007.
  • Nicho, M. (2006). "COBIT as an Effective Measurement Framework for Measuring Information Systems". Paper presented at the Third International IT Governance Conference: IT Risk - Strategic Measures for Performance, Value & Quality, Auckland, 2006.
  • Nicho, M. (2005). "The Quest for a Deterministic Model for IT Audit Compliance Using Software Metrics". 2005 International IT Governance Conference, Auckland, 2005.
  • Nicho, M. (2004). "CRM Implementation Success Factors". In B. Cusack (Ed.), The Proceedings of the NACCQ 2004 Post-Graduate Symposium (pp. 43-48). Auckland: Trumps Ltd.

Invited Speaker at Selected Industry Venues

  • Nicho, M. & Khan, S. (2013). "Advanced Persistent Threats (APT): Vulnerabilities and Mitigation", a talk presented to the Information System and Audit Control Association (ISACA, UAE-Dubai chapter).
  • Nicho, M. (2012). "Operational Issues in ICT Maturity Measurement – UAE and New Zealand Study". Presented at the 13th Annual Regional Gulf Internal Audit Conference - "Riding the Crisis Wave, Challenges & Opportunities".
  • Nicho, M. (2012). "The PCI DSS Compliance Journey: A Case Study on Opportunities & Challenges". Presented at 2012 PCI DSS Conference.
  • Nicho, M. (2011). "Measurement Issues in COBIT". Presented to the members of the Information System and Audit Control Association (ISACA, UAE chapter).
  • Nicho, M. & Raigangar, Bharat (2011). "Effective Enterprise Fraud Management", A keynote presentation at the annual 2011 PCI DSS Conference.
  • Nicho, M. (2006). Re-Valuing CoBIT by Developing Customized Metrics. Presented to the members of the Information System and Audit Control Association (ISACA, Auckland chapter).

Additional Information / Awards / Funding

  • Best Paper Award: Awarded the Best Paper Award for the paper "COBIT as an Effective Measurement Framework for Measuring Information Systems" (for the most promising research in IT governance) at the Third International IT Governance Conference: IT Risk - Strategic Measures for Performance, Value & Quality (13-15 November 2006, Auckland).
  • NZPSAA Award: Awarded the 2006 New Zealand Post Graduate Study Abroad Award for undertaking joint research in 2007 between the Auckland University of Technology and the Singapore Management University (SMU), by the Ministry of Education, New Zealand.