Dr Maria Milosavljevic, the NSW Government\u2019s inaugural chief information security officer, is leaving the role to become the federal Department of Human Services' chief data officer.\nMilosavljevic sent an email to her Department of Finance, Services and Innovation (DFSI) colleagues this morning announcing her departure.\n \n\u201cThank you for your collaboration over the years \u2013 we have covered a lot of ground and it\u2019s great to reflect on the distance travelled,\u201d she wrote.\n \nDr Maria Milosavljevic\n\u201cThis would not have been possible without the groundswell of support both inside and outside of NSW Government. This role is all about relationships and I\u2019ve enjoyed a great many new ones,\u201d Milosavljevic added.\nThe NSW GCISO role will be filled by DFSI\u2019s director of engagement and prevention Tony Chapman in an acting capacity until a replacement can be found.\n \nMilosavljevic was appointed to the then newly created state government position in May 2017, joining from AUSTRAC, where she held the position of chief information security officer and chief innovation officer. Prior to joining AUSTRAC in 2015, Milosavljevic was the chief information officer at the Australian Crime Commission.\n \nAs head of the NSW government\u2019s Office of the GCISO, Milosavljevic said her team had \u201cachieved a lot in a short space of time\u201d.\n \nIn September, her office launched the government\u2019s first cyber security strategy, incorporating a$20 millionaction plan for training and awareness, cyber skills and career pathways. A new Cyber Security Policy will soon be launched, to replace NSW\u2019s heavily criticised Digital Information Security Policy.\n \nMilosavljevic and her office raised the levels of cyber governance across government, appointing deputy secretary-level \u2018cyber risk owners\u2019 from all clusters, and establishing a Cyber Security Advisory Council.\n \nShe laid down whole of government incident response plans, and ran a number drills to test how staff and management responded. A\u2018Passive Security Assessment\u2019was also run to scan 3,257 web domains used by NSW Government agencies to uncover vulnerabilities.\n \nDescribing the work of the last two years, in a December blog post Milosavljevic said \u201cBecause it is rare for serious cyber threats to be limited specifically to one organisation, coordination is the key pre-requisite to effective cyber security. Cyber security conducted in a siloed, agency by agency manner only increases the problem because the opportunity is lost for others to quickly pre-empt and avoid emerging threats.\u201d\n \nMilosavljevic remains the only female to have served as a government GCISO anywhere in Australia. Not long into the role, she hired four women into the cyber team.\n \nMilosavljevic and her cyber team\n\u201cI figured we were probably unique globally. And completely unplanned of course,\u201d she told CIO Australia in September. \nIn the same interview she described herself as someone attracted to solving complex challenges (during her academic career she developed the first AI-generated adaptive website in the world) and ones where she can break new ground, set the vision and collaborate with others.\n \n\u201cI\u2019m very strategic and collaborative. I\u2019m not a maintainer. I\u2019m an innovator and entrepreneurial perhaps,\u201dshe said. \u201cA lot of what you do is through influence and through diplomacy. It\u2019s not like you are working to build tech capability in one organisation and basically someone in the organisation makes it so. Instead, you are collaborating. A lot of it has much more to do with influence than laying down the law.\u201d\n \nMilosavljevic will be taking a short period of leave before commencing at the Department of Human Services at the end of the month.