Victorian government CISO David Cullen has left the role after a year in the chair, joining the Australian and New Zealand security forum CISO Lens in a newly-created role.
Victorian government’s outgoing CISO David Cullen
The Department of Government Services (DGS) – responsible for business, consumer and municipal interactions with government – has released a recruitment posting seeking a replacement whole-of-government CISO.
Cullen’s replacement will be both CISO and the state’s inaugural ‘executive director of data and digital resilience’.
The Department’s cyber security, data and digital resilience division manages “preparedness and response to cyber security risks.”
The successful applicant will oversee “government-wide data policy protection and telecommunications infrastructure functions, all aimed at enhancing service quality, cyber security, resilience, and operational efficiency.”
While the posting does not outline specific projects Cullen’s replacement will support, Cullen was midway through rolling out Victoria’s mission delivery plan for a new whole-of-government risk management operating model that he announced earlier this year.
The 2022-23 stage of a continuing five-year, $50 million cyber security strategy implementation, has already begun rolling out a ‘cyber hubs model’ to upgrade cyber governance, interoperability and resource management through the coordination of “a central Victorian government cyber defence centre.”
The program has also “introduced automated threat intelligence sharing programs,” and “widespread implementation of Domain-based Message Authentication, Reporting and Conformance (DMARC) capability across email services using the vic.gov.au domain”, according to an annual progress report that Cullen signed off in February.
CISO Len’s founder James Turner told iTnews that Cullen will take up his new role as director for cyber advocacy and uplift on September 25.
CISO Lens appointed Cullen because of his, “nearly two-decades experience across state and federal government, and deep relationships across the cyber security ecosystem,” Turner said.
“This is a new role that will further strengthen cyber security partnerships between the private sector and government through absolute partnership,” he said.
Reporting to Turner while maintaining “significant autonomy,” Cullen will consult organisations on their “common cyber security risks and priorities, communicate these insights with government, and help drive the continual identification of capability gaps.”
Cullen was promoted to the position of Victorian Government CISO in August last year.
He previously worked at the Department of Premier and Cabinet (DPC) but carried the title over to DGS in January when DGS was created as the result of a cabinet reshuffle.
Cullen joined DPC as head of the Victorian Government cyber incident response service in 2018; he was promoted to director of strategic partnerships, analytics and innovation in 2021.
He has also held senior analyst and intelligence roles at The Victorian Department of Justice and Regulation, The Australian Criminal Intelligence Commission and Victoria Police.
About Author
