Matthew James Butkovic

Technical Director, Cyber Risk and Resilience, CERT Division, Carnegie Mellon University Software Engineering Institute
Managing for Supply Chain Resilience Course

Matthew Butkovic is the Technical Director of the Cyber Risk and Resilience Assurance Directorate in the CERT Division of the Carnegie Mellon University Software Engineering Institute (CMU SEI).

Matt performs critical infrastructure protection research and develops methods, tools, and techniques for evaluating capabilities and managing risk. This includes addressing the challenges of complex supply chains.

Matt teaches graduate level cybersecurity policy courses at the CMU Heinz College of Information Systems and Public Policy. He also is an instructor, focused on organizational resilience and supply chain risk management, for the Heinz CISO and CRO Executive Certificate Programs.

Matt has more than 20 years of managerial and technical experience in information technology (particularly information systems security, process design, and audit) in the banking and manufacturing sectors.

He is a Certified Information Systems Security Professional (CISSP) and Certified Information Systems Auditor (CISA) and earned degrees at the University of Pittsburgh (BA) and Pennsylvania State University (MS).

The CERT Division of the SEI is the birthplace of cybersecurity, strengthening the resiliency of systems and networks.

A Department of Defense Federally-Funded Research and Development Center since 1984, the SEI has been critical to the government’s ability to acquire, develop, operate, and sustain software systems that are innovative, affordable, trustworthy, and enduring. The SEI researches complex software engineering, cyber operations, and Artificial Intelligence engineering solutions; creates and pilots innovative technologies; and transitions maturing solutions into practice.

The SEI is part of CMU, pioneering discoveries that enrich the lives of people on a global scale. We turn disruptive ideas into successes through CMU’s leading-edge research.