Victoria appoints first CISO

The first chief information security officer has been appointed by the Victorian Government.

John O’Driscoll has been appointed to the role, which is designed to help keep government services and information safe from cyber threats.

O’Driscoll has 20 years’ experience in information technology, with a focus on cybersecurity in financial services and the public sector. He was previously the senior manager, Information and Technology Risk at ANZ.

“John O’Driscoll’s extensive experience working across information technology and cybersecurity makes him ideally suited to be Victoria’s first chief information security officer, as we seek to secure government services,” said Special Minister of State Gavin Jennings.

“As organised crime and others become more sophisticated in hacking and disrupting digital services, it’s crucial government steps up to better protect our public services and information — John will help us do just that.”

Government networks across the world are regularly targeted by cyber attacks, with an increasing shift from unsophisticated lone cyber hackers towards organised criminals, political ‘hacktivists’ and even foreign governments using cyber space to infiltrate, steal from and disrupt government services.

The appointment of a chief officer was a key component of the government’s Cyber Security Strategy, released in August this year. The strategy shifts Victoria’s cybersecurity approach from an agency-by-agency approach to a whole-of-government approach, to better protect public services and information.

The chief officer will focus on leading collaboration across Victoria’s departments and agencies helping with ongoing work to assess, monitor and respond to cybersecurity risks, as well as engaging with Commonwealth and private sector experts to deliver a resilient and cohesive cybersecurity environment.

Other key actions from the Cyber Security Strategy that will be led by the CISO include:

• developing cyber emergency governance arrangements with Emergency Management Victoria, so that risks are better understood and planned for as part of ongoing work to protect government assets and services;
• strengthening partnerships across all levels of government and the private sector to share best practice, intelligence and insights;
• rationalising and better coordinating the procurement of proven cybersecurity services;
• developing a workforce plan to attract, develop and retain skilled cybersecurity public sector workers;
• presenting a quarterly cybersecurity briefing to the Victorian Secretaries Board and the State Crisis and Resilience Committee, so government is better informed of cybersecurity issues and assessments.

Image credit: ©stock.adobe.com/au/Sergey Nivens

Follow us on Twitter and Facebook