Attorney-General’s Department CIO on building trust through secure and innovative technology

In this Government Edge interview, Michael Harrison, CIO of the Attorney-General’s Department, shared how his team balances security, reliability, and innovation.

His team manages one of the most complex and secure technology environments in the Australian Government.

Supporting more than 2,200 staff, many of them lawyers working on sensitive legal matters, the department operates as a knowledge organisation with protected networks, critical information systems, and several public-facing services, including the Marriage Celebrants System.

Michael explained that security underpins every decision, reflecting the department’s core responsibility to protect sensitive information and maintain public confidence.

The department’s hybrid, multi-cloud environment is being modernised through a gradual, risk-based migration from on-premise systems to cloud platforms, balancing cost, performance, and compliance.

Under Michael’s leadership, the department has reached and maintained maturity level two against the Australian Signals Directorate’s Essential Eight framework.

This milestone represents a strong cultural and operational commitment to cyber resilience.

He emphasised that maintaining maturity requires persistence, collaboration, and clear communication.

Early resistance to stricter controls gave way to understanding as staff saw the connection between robust security practices and the protection of both their professional obligations and public trust.

Michael’s team has also focused on improving operational reliability, moving from reactive IT maintenance to proactive problem-solving.

This shift has reduced outages and freed capacity for innovation. With stable systems in place, the department is now cautiously embracing artificial intelligence, combining curiosity with careful governance.

Staff have controlled access to tools such as ChatGPT for low-risk use, supported by policies, training, and guidelines that reinforce responsible experimentation.

Early pilots are exploring how AI can safely assist with legal and administrative work while maintaining confidentiality and compliance.

Michael’s leadership centres on maintaining security, stability, and reliability while empowering staff to innovate responsibly.

He describes a security-first culture built on trust and accountability, where technology strengthens professional capability rather than disrupting it.

Through this approach, the Attorney-General’s Department continues to demonstrate that innovation and security can coexist, ensuring digital transformation enhances rather than risks public trust.

Key takeaways:

• Security and trust are central: The department operates a protected network and maintains maturity level two against the ASD Essential Eight, reflecting its commitment to safeguarding sensitive information and maintaining public confidence.
• Operational reliability enables innovation: By shifting from reactive IT maintenance to proactive problem-solving, the department has reduced outages and created the foundation for secure innovation.
• Responsible AI adoption: Staff can explore AI tools like ChatGPT in a controlled, policy-driven environment supported by training and ethical guidance, aligning innovation with legal obligations.