In July 2017, New York City Mayor Bill de Blasio signed an executive order to protect the city from cyberattacks and establish the NYC Cyber Command. “It was really a natural evolution in how New York City is thinking very carefully about cyber as a domain,” said the city’s chief information security officer, Geoff Brown. Another natural evolution was de Blasio naming Brown to head the Cyber Command.
Brown had led the city since 2016 on cyber and information risk issues, and the progress made during that time led to the mayor’s push for a more formal security effort. “We began doing a number of assessments in different environments and started to put together a picture of what we had,” Brown said on a recent podcast produced by Cyberwire and Pratt Street Media. “And that picture started to teach us that in order to take a new approach, to have a mission that really accounted for the total aggregate cyber-risk, the city had to organize against its various other critical missions.”
In leading the NYC Cyber Command, Brown is tasked with advising City Hall, while working with the Department of Information Technology and Telecommunications and more than 100 agencies to protect New Yorkers. He said doing that requires a centralized strategy and thus a teamwide, citywide effort.
“[The executive order] gives NYC Cyber Command the ability to defend the city … all those services and capabilities that are provided to the residents, the visitors, the businesses that are enabled through technology,” Brown said.
“Cyber is a machine-to-machine domain, and to be successful in that domain, you have to make sure your defenses have some uniformity,” he said on the podcast. “Uniformity in deployment, uniformity in strategy, uniformity in operations.”
