by George Nott

Victoria appoints first CISO

Oct 09, 2017

The Victorian Government has appointed its first whole-of-government chief information security officer.

The appointment of John O’Driscoll, formerly senior manager of information and technology risk at ANZ bank, was announced this morning by Special Minister of State Gavin Jennings.

O’Driscoll has previously held senior security positions at AMP and Commonwealth Bank of Australia.

“John O’Driscoll’s extensive experience working across information technology and cyber security make him ideally suited to be Victoria’s firstChief Information Security Officer, as we seek to secure government services,” Jennings said.

“As organised crime and others become more sophisticated in hacking and disrupting digital services, it’s crucial government steps up to better protectour public services and information – John will help us do just that.”

The role was a key component of the government’s Cyber Security Strategy, released in August this year.

The strategy shifts Victoria’s cyber security approach from an agency by agency approach to a whole of government approach, to better protect public services and information, the government said.

O’Driscoll – who sits within the Department of Premier and Cabinet– will lead collaboration between Victoria’s departments and agencies to “assess, monitor and respond to cyber security risks, as well as engaging with Commonwealth and private sector experts to deliver a resilient and cohesive cyber security environment”, the government added in a statement.

He will also develop cyber emergency governance arrangements with Emergency Management Victoria, as well as a plan to attract, develop and retain skilled cyber security public sector workers.

The Victorian Government last week announced it was backing new cyber security degree courseat Deakin University. In July, the government (through LaunchVic) launched CyRise in Melbourne, a six-month, mentor-drivenprogram for cyber security start-ups in the state.

O’Driscoll will also be required to present a quarterly cyber security briefing to theVictorian Secretaries Boardand theState Crisis and Resilience Committee, so the government is better informed about cyber security issues.

A number of states are appointing CISOs in response to growing security threats.

In March, the New South Wales governmentrecruited former AUSTRAC CIO Dr Maria Milosavljevic to be its first CISO. In April, South Australia announced thatpublic service veteran David Goodman would be the state’s first CISO.