Geoff has advised hundreds of organizations on cybersecurity, privacy, IT strategy, and infrastructure matters. He leads engagements working with organizations to protect against emerging threats and securely resume their businesses after an attack. His other work with high-profile investigations of cybersecurity incidents, and privacy breaches providing valuable insight into the methods, means and tactics to defend against modern attackers. He is an accomplished technology leader with a demonstrated record of developing effective programs and managing multifaceted projects to achieve compliance with strict standards and time-sensitive organizational objectives.
Geoff has led domestic and international initiatives, including acting as an interim CIO, CISO, and ISO for multiple clients, as well as a range of IT due diligence assessments and integrations for healthcare organizations. He continues to focus on cybersecurity strategy development, execution, third party security management, and cyber incident response. He holds certifications as a Certified Information Systems Auditor (CISA), Certified in Risk and Information Systems Control (CRISC) and previously as a Certified HITRUST Practitioner (CCSFP). He is a member of the International Information System Security Certification Consortium (ISC)² and the Information Systems Audit and Control Association (ISACA) and speaks frequently on the topics of cybersecurity architecture, medical device security, incident response and cybersecurity preparedness.
Prior to joining CRA, Geoff was a leader in PwC’s Cybersecurity and Privacy Practice focused on health industries and it’s Co-Leader of the Medical Device Cybersecurity Practice. He has also held a variety cybersecurity leadership positions in industry.
BA, Economics and International Relations, Boston University