Software Engineering Institute | Carnegie Mellon University
Software Engineering Institute | Carnegie Mellon University
Menu
Home Digital Library Matthew J. Butkovic | SEI Digital Library

Digital Library

Javascript is currently disabled for your browser. For an optimal search experience, please enable javascript.

Advanced Search

Basic Search

Content Type

Topics

Publication Date

Matthew J. Butkovic

Author

Matthew J. Butkovic

2415

Software Engineering Institute
Matthew Butkovic is the Technical Manager of the Cybersecurity Assurance team within the CERT® Division at the Software Engineering Institute (SEI), a unit of Carnegie Mellon University in Pittsburgh, PA. Butkovic performs critical infrastructure protection research and develops methods, tools, and techniques for evaluating capabilities and managing risk.

Butkovic has more than 15 years of managerial and technical experience in information technology (particularly information systems security, process design and audit) across the banking and manufacturing sectors. Prior to joining CERT in 2010, Butkovic was leading information security and business continuity efforts for a Fortune 500 manufacturing organization.

Butkovic is a Certified Information Systems Security Professional (CISSP) and Certified Information Systems Auditor (CISA).

 

 

 

July 2018 - Webinar Digital Footprints: Managing Privacy and Security

Topics: Cyber Risk and Resilience Management

With the recent Cambridge Analytica news and the rollout of the General Data Privacy Rule (GDPR) in Europe, there are many questions about how social media data privacy is managed and how it could be managed.

January 2016 - Article CYBURGH, PA: Using Process to Tame Technology

Topics: Cyber Risk and Resilience Management

In this teQ Magazine article, Matt Butkovic discusses the role process plays solving today's cybersecurity challenges.

November 2015 - Webinar Resilience Panel Discussion

Topics: Cyber Risk and Resilience Management

CERT researchers discuss risk management and resilience.

March 2015 - Podcast Supply Chain Risk Management: Managing Third Party and External Dependency Risk

Topics: Cyber Risk and Resilience Management

In this podcast, Matt Butkovic and John Haller discuss approaches for more effectively managing supply chain risks, focusing on risks arising from “external entities that provide, sustain, or operate Information and Communications Technology (ICT)."

December 2014 - Webinar Lessons in External Dependency and Supply Chain Risk Management

Topics: Cyber Risk and Resilience Management

In this webinar, John Haller and Matthew Butkovic of the CERT Division of the Software Engineering Institute will discuss real-world incidents, including recent industrial control system attacks and incidents affecting Department of Defense capabilities.

June 2014 - Webinar CERT® RMM User Panel Discussion: USPIS, DHS, DoE, SunGard, & Lockheed Martin

Topics: Cyber Risk and Resilience Management, Risk and Opportunity Management

Watch the CERT® RMM User Panel discuss their experiences implementing RMM from the SEI Virtual Event, CERT® Operational Resilience: Manage, Protect and Sustain

June 2014 - Webinar Department of Homeland Security Cyber Resilience Review (Case Study)

Topics: Cyber Risk and Resilience Management, Risk and Opportunity Management

Watch Matthew Butkovic discuss the "Department of Homeland Security Cyber Resilience Review (Case Study)" from the SEI Virtual Event, CERT® Operational Resilience: Manage, Protect and Sustain

November 2013 - Podcast Using the Cyber Resilience Review to Help Critical Infrastructures Better Manage Operational Resilience

Topics: Cyber Risk and Resilience Management

In this podcast, the presenters explain how CRRs allow critical infrastructure owners to compare their cybersecurity performance with their peers.

November 2013 - Technical Note Advancing Cybersecurity Capability Measurement Using the CERT-RMM Maturity Indicator Level Scale

Topics: Cyber Risk and Resilience Management

In this report, the authors review the specific and generic goals and practices in CERT-RMM to determine if a better scale could be developed.

June 2013 - Presentation Cybersecurity SLAs: Managing Requirements at Arm's Length

Topics: Cyber Risk and Resilience Management, Cybersecurity Engineering

presentation from the June 2013 CERT Symposium on Cyber Security Incident Management for Health Information Exchanges

June 2013 - Video Cyber Security Service Level Agreements

Topics: Cybersecurity Engineering

In this video, Matthew Butkovic presents information about cyber security service level agreements.

December 2011 - Podcast Considering Security and Privacy in the Move to Electronic Health Records

In this podcast, participants discuss how using electronic health records bring many benefits along with security and privacy challenges.

April 2011 - Technical Report Best Practices for National Cyber Security: Building a National Computer Security Incident Management Capability, Version 2.0

Topics: Incident Management

In this 2011 report, an update to its 2010 counterpart, the authors provide insight that interested organizations and governments can use to develop a national incident management capability.

February 2011 - Podcast Conducting Cyber Exercises at the National Level

Topics: Cyber Risk and Resilience Management

In this podcast, participants discuss exercises that help organizations, governments, and nations prepare for, identify, and mitigate cyber risks.

June 2010 - Special Report Best Practices for National Cyber Security: Building a National Computer Security Incident Management Capability

Topics: Incident Management

In this report, the authors provide insight that interested organizations and governments can use to develop a national incident management capability.