In late 2021, Geoff Brown ’99 was winding down his tenure as New York City’s chief information security officer—a position he had held since 2016—and as leader of NYC Cyber Command, an organization Mayor Bill de Blasio had established in 2017.
In November, I learned I would be interviewing him for an article on his next role: visiting professor of cybersecurity at the Middlebury Institute. I wasn’t exactly sure what his New York job entailed, but “Cyber Command”? I pictured him as some kind of modern superhero, a cybercrime fighter in Gotham who protected its citizens and worked in a secret lair deep under the city.
I was kidding, of course. But then, 10 minutes before our scheduled Zoom call, Brown sent me an email saying he’d be a few minutes late; he’d had to take an urgent call from City Hall.
If Brown was truly a comic-book hero, he had a convincing alter ego. When we met on Zoom, I found myself face-to-face with a clean-cut, smiling man wearing a shirt and tie, sitting in a standard-looking office. His phone call with City Hall, he explained, involved nothing more exciting than assisting the transition team with the handoff between the city’s current and incoming administrations at the end of the year.
NYC Cyber Command is, as stated on its website, “a centralized organization created by executive order to lead the city’s cyber defense efforts, working across more than 100 agencies and offices to prevent, detect, respond, and recover from cyber threats.”
Brown explained that NYC Cyber Command was designed with two objectives. The first was to defend the services the city provides for New Yorkers by defending the technology, which the organization did by building and operating a cybersecurity program. The second was to protect the public. “We were charged by the administration with implementing ways to help New Yorkers navigate away from the threats they might encounter in their digital life.” Brown said the mission was to contribute to “the overall public safety umbrella that visitors, residents, and businesses in the city should enjoy.”
To enhance public safety, in 2018 Brown’s NYC Cyber Command launched the city’s first public-facing cybersecurity initiative, NYC Secure. Among its achievements were developing a free app that would notify users of any suspicious activity on their cell phones, and providing enhanced security for users of the city government’s free public Wi-Fi locations.
While he downplayed his accomplishments at NYC Cyber Command, crediting his entire team for the organization’s success, there’s no doubt Brown left his mark on the city. He admitted that during a final farewell celebration in late December, his team presented him with an “obnoxiously large, framed parchment, which was a proclamation from Mayor de Blasio that December 30 was Geoff Brown Day in the City of New York.”
The longer we talked, the less farfetched my little superhero joke sounded.
A New Direction
I spoke to Brown again in late January, just before the start of spring classes at the Institute. He was preparing to fly to Monterey in just a few days “to kick off the spring semester with the students,” although he is teaching mostly remotely, an arrangement that allows him to remain on the East Coast with his wife and two small children.
On his Institute profile page, Brown’s courses are described as looking at “how pervasive technology, with criticality ranging from leisure activity to life safety, creates a new landscape for criminality, espionage, militarism, and activism, and accordingly, if left unprotected, can threaten the very underpinning of how we interact in the global community.”
My purpose for the call this time, however, had less to do with the Institute and more to do with a question that had been bugging me since our first chat: how does an American literature major from Middlebury College end up as a cybersecurity expert?
All Brown could say, with a laugh, was that it was definitely not by “purposeful design.”
He didn’t have a clear idea of where he wanted his future to go after graduation, although he did wonder what it would be like to be involved with security. His econ-minded friends said, “You mean like security investments, right?” No, he meant high-level security work. And then, with an earnestness that turned up repeatedly in our call, he said, “I guess I read too many King Arthur books as a kid, and I’ve always wanted to be there to help people in their time of need.”
After graduating as a Feb in 2000, Brown landed in Washington, D.C., where he worked for a think tank, doing research on peacekeeping studies and conflict commodities (minerals from conflict-affected and high-risk areas of the world). That experience taught him about the need for organizations like the United Nations. “Any organization that is trying to foster more peace in the world is something I wanted to be involved with—and really still do at my core.”
He then returned to New York to become a research analyst on the 9/11 Commission, which was set up in November 2002 to prepare a report on the circumstances surrounding the 9/11 attacks and to address the preparedness for and immediate response to the attacks. There, he was assigned to investigators, researchers, and members of the intelligence community, the military, and the Justice Department.
He spent about 20 percent of his job focused on the first responder environment in New York City, working with “the part of the investigation that interviewed NYPD and FDNY and Emergency Services to try and understand in aggregate the picture that day, and then could foster recommendations for crisis management and emergency response that made their way into the report.”
For the rest of his time, he said he “was almost like the notetaker and baggage carrier for these wonderful investigators, who had the opportunity to fly all over the country, because they led the investigation into the air defense picture.” That meant finding out things like what happened at NORAD and what happened on the flights.
Brown said that work opened his eyes to what was happening in the military and intelligence community. It taught him a lot about crisis management and communications within crisis; specifically, how to act with only a partial picture. “The information you get early on is often completely wrong, but you still have to make decisions based off of it.”
His most moving experience in that job, however, came from his time in the New York office that worked with victims’ families. “It left an indelible mark on me—the families that would come in and the tragedies they suffered, and also the tragedies that were in some senses exacerbated by the lack of clarity around things.”
Brown later moved back to D.C. to work in what he will only call “the federal space with an international focus.” In that arena, he said, he confronted questions like “What is the global circumstance?” “How are decisions being made around crises that we see throughout the world?” and “What is the U.S. government’s approach to these things, whether it be law enforcement or intelligence or other avenues of U.S. power projection?”
He spent several years in that space, “learning and growing and learning and growing.”
It was later, while working with an executive mentor, that he learned about the field of cyberthreat intelligence in enterprises (very large organizations). “And it was in that timeframe,” he said, “that I started to combine all of these disciplines of the past into cybersecurity and technology.”
The timing, around 2012 and 2013, was serendipitous. “It just happened to coincide with significant acceleration in the cyberthreat landscape, significant acceleration in enterprise cybersecurity,” he said. Big banks had begun pouring hundreds of millions of dollars a year into their cyber defenses, and those amounts have only continued to grow. In a June 2021 interview on CNBC, Bank of America CEO Brian Moynihan said his company’s cybersecurity spending had grown to over $1 billion annually.
In his last stop before the New York City mayor’s office, Brown followed a cybersecurity team to the payment processor First Data. From there, he said, “the city came calling, and I answered the call.”
A Global Focus
Brown figured once his New York City job came to an end in late December 2021, he would give himself some time to think about his next steps while teaching part time at the Institute. But near the end of the year, private-sector security firm Recorded Future, with which Brown had developed a working relationship in the past, contacted him. “Their leadership discovered that I might have some time on my hands in 2022 and decided to very quickly disabuse me of the notion that I should,” he said. They convinced him to join them on January 3 as vice president for global intelligence platforms.
In my late January call with Brown, I caught him heading into Manhattan for the new job. In contrast to his hyperlocal focus for the past six years, Brown said, this job looks at cybersecurity from a much larger perspective. “I’ll be traveling to other countries and helping both governments and the private sector improve their approach to cybersecurity, and behind the cybersecurity, into making decisions driven from intelligence.”
It’s the human side of cybersecurity that fascinates Brown. “It’s about helping,” he said. “A way to think about it is that there’s a lot of information out there, and information should be distilled so that people can make the best decisions they can based on the uncertainties we face . . . that’s what the whole game is.”
Brown credits a combination of his work experience and strong communication skills for his ability to run highly technical teams in the cybersecurity world. “Like anything else in life, it’s about, can you be clear? Can you be concise? Can you communicate? And are you comfortable making decisions when frankly you don’t have all the facts? You may not have half the facts, but you’ve still got to make a call.”
He is able to bring a narrative structure to situations that complements the technical side of the work. “I think in storylines. And to a certain extent, that is helpful when surrounded by engineers. Engineers think in ones and zeroes. They think in math. They think in science. They think in problem solving and experimentation. But I can wrap a story around all of that and divine a direction.”
Comparing his work to playing on a sports team, he explained his contribution to the team: “What I can do is, sort of by nature, manage and accept the anxiety of the risk of not having all the facts. A technical person, a person who is used to sort of one plus one equals two every day, all day long, will always look for all of those, for the math, for the formula to line up every time. And that can be unbelievably powerful when thinking about building and operating an enterprise technical cybersecurity program. But on the other side of the equation is a bunch of the adversaries, espionage, hacktivism, criminals, and they’re gonna do everything they can to steal or disrupt, to sow doubt.” His job, as he sees it, is to create an environment in which engineers can function even when the equation doesn’t balance.
Brown said his younger self would be surprised at the direction his career has taken. “If you were to say to me that I would now be driving to a parking garage in midtown Manhattan in a full suit, I would’ve been like, ‘That makes no sense.’” He said he would also be thinking, “Wow, that guy is old.”
But Brown’s 44-year-old self says, “I think I’m still young. And I’m only in the middle of the things that can be accomplished. . . . I’ve got another 40 years of contributions to society in front of me.”
When we hang up, I can’t help thinking that’s exactly the sort of thing a superhero would say.