Staff Stories: Tim Bradish

A security engineer safeguarding a campus the size of a small city

By Grace DePaull

Photo by Simon Wheeler

When software and security engineers are jolted awake by system alarms, it’s all hands on deck. For Cornell IT engineers, that moment came at 2:00 a.m. ET on Friday, July 19, 2024, when thousands of Windows servers suddenly shut down, and individual PC devices across campus displayed the dreaded blue screen error.

A faulty cybersecurity update had disrupted the university’s Windows machines, but Cornell IT engineers acted quickly to restore critical services, bringing most systems back online by the end of the day. For Associate Chief Information Security Officer Timothy Bradish, tackling crises like this is just one part of a job he finds deeply rewarding.

“Having worked in a small business tech start-up, in government contracting, and funded research, transitioning to higher education was a breath of fresh air. The people here are collegial, educated and motivated to help carry out the mission,” he said. 

Bradish joined Cornell in 2014, bringing with him a wealth of experience in law enforcement training. He had previously taught forensic investigation and computer forensics to agencies such as the Secret Service, FBI, Dutch police and various state law enforcement organizations. After years of extensive travel in these roles, he sought greater stability and a stronger sense of community – both of which he found at Cornell.  

Since arriving, Bradish has steadily advanced through the ranks and now leads a team responsible for safeguarding the university’s extensive infrastructure. From health centers and dining facilities to classrooms and hotels, his work ensures the protection of services crucial to campus life, much like those of a small “city.” For Bradish, this vast network provides ample opportunities to innovate and apply his creativity in the field of information security. 

“There is no one-size-fits-all solution,” Bradish said. “You have to be creative in finding the right approach for customers, employees and the institution as a whole. Given Cornell’s mission and the resources we have, we, as engineers, can innovate with how we’re going to solve the problem or mitigate a risk. It makes the work more engaging.” 

The CrowdStrike incident in July 2024, which affected Cornell and other global IT systems, is just one of the many security emergencies that Bradish and his team respond to. From widespread outages to data breaches, they are prepared for a range of unexpected challenges.  

“My team was definitely ready,” Bradish said, regarding the incident. “In our field, we’re always anticipating the next challenge, and in cybersecurity, that means constantly preparing for the unexpected. You never know what will come your way, so we’re always ready to handle any emergency.”

Bradish’s leadership is rooted in collaboration and adaptability, which is crucial to guiding a team to protect sensitive payroll and health information while ensuring uninterrupted access to the university’s services. As a research institution, Cornell offers unique opportunities to leverage cutting-edge academic expertise. Recently, Bradish and his team collaborated with Cornell Tech researchers on studies to enhance password security and authentication systems. By merging academic insights with real-world applications, they are developing practical solutions to meet the evolving challenges of cybersecurity. 

“It’s a privilege to work in an environment where every challenge offers an opportunity to grow,” Bradish said. “Cornell is made up of so many unique areas, each with its own mission, from the golf course to the art museum. My team and I are dedicated to understanding those missions and finding ways to mitigate risks while building trust across the university. Everybody at Cornell plays a part in the overall security of the institution, and it’s rewarding to collaborate with different offices and teams to support their goals while protecting the institution as a whole.”

According to Bradish, security and software engineers often overlook higher education as a base for their technology careers. However, he believes universities offer a unique opportunity for growth, allowing engineers to gain proficiency across multiple domains. 

“Keep an open mind,” he advised. “At Cornell, you’ll be surrounded by capable and thoughtful colleagues; it’s important to keep learning, listening and engaging. Technical skills can always be improved, but softer skills like relationship management, emotional intelligence and public speaking are what open doors. These doors might not always lead directly to career advancement, but they’ll ensure you’re ready when opportunities arise.” 

This collaborative mindset extends beyond Cornell. Bradish has participated in partnerships with IT professionals across Ivy League institutions. These collaborations have been instrumental in addressing shared security risks and strengthening layers of defense on college campuses.

“Higher education is much more collaborative,” he explained. “Unlike in the corporate world, where the focus is often on profit or selling a product, our goal here is to better the institution. We regularly engage with other universities to address security risks and develop shared solutions.” 

Bradish and his team have also created opportunities for the Cornell community to get involved, learn about current threats to security and how to effectively address and mitigate them. For example, Cornell IT hosts virtual sessions every month where they discuss ongoing initiatives and share trends or threats they are observing.  

“By using real-world examples of security threats or phishing attacks, we hope to raise awareness and empower people to better protect themselves,” he said. 

As a campus that operates like a small city, Cornell depends on leaders like Bradish to protect its intricate web of services and infrastructure. From responding to late-night alarms to collaborating with experts on cutting-edge security solutions, Bradish and his team are at the forefront of keeping this "city" safe.

“At the end of the day, building relationships and trust is key,” Bradish said. “When we alert different colleges, units and offices about something serious, it’s a collaborative effort that ensures Cornell continues to thrive. Looking ahead, I’m excited to continue finding new ways to enhance security while supporting the university’s mission.”