Presentations

Overview

I've spoken on various cybersecurity topics at over 50 speaking engagements, including AI4, Billington Cybersecurity, FCW, GovMatters, DoD Cyber Crime Conference, and AFCEA, and have been featured in many different media outlets as a cybersecurity expert.

Billington Cybersecurity 21

Zero Trust Execution

AI4 2021

AI/ML & Autonomous Cyber Defense

AWS Public Sector Summit

Billington Cybersecurity Summit

CC18

Conferences

Zero Trust Acceleration and Innovative Cyber Capabilities - Rocky Mountain Cyber Symposium 22 - February 2022

In this talk, learn how organizations can accelerate cyber resiliency through enablement of Zero Trust and innovative cyber capabilities (Autonomous Cyber, AI/ML, and 5G) to support the mission.

  • Provide insight into our zero-trust acceleration efforts and holistic strategy to implement innovative capabilities across the Zero Trust pillars such as Identity, Device, Network, Applications, and Data solutions.

  • Understand how applying AI/ML provides more effective detection and response to threats in near real time, transforming cyber operations towards Autonomous Cyber Defense.

  • Secure, manage & transform OT, IT, and cloud operations through Zero Trust Network Access and data security.

  • Leverage key emerging technologies like 5G, cloud, automation, and AI/ML to provide more robust cyber situational awareness and operational threat reduction.

Impact of Cyber Executive Order - WashingtonExec - December 2021

WashingtonExec’s Rachel Kirkland speaks with Matthew McFadden, GDIT’s vice president of cyber and distinguished technologist. McFadden, who also leads GDIT’s Cyber Center of Excellence, weighs in on how the Biden administration’s Cyber Executive Order is affecting organizations after 6-plus months.

Cybersecurity Executive Order, Zero Trust - ExecutiveBiz - December 2021

Mike Baker, GDIT CISO, and Dr. Matthew McFadden shared insights on the EO and its impact on the company’s supply chain risk management work and zero trust architectures.

Main Session Panel – Zero Trust: Execution - Billington Cybersecurity Summit 2021 - October 2021

What are the essential ingredients of building and running a zero-trust environment for your workforce? How do you develop a policy engine and administrator that ensures the right people and the right applications continually have the right access while keeping bad actors from violating this trust? This panel of private sector and government experts will discuss how to execute a zero-trust environment to ensure effective cyber security and productive workflows. Panelists: Steven Hernandez, CISO/Director, U.S. Dept. of Education; Imran Umar, Distinguished Engineer, Booz Allen Hamilton; Matthew McFadden, Vice President, Cyber Center of Excellence, GDIT; Zach Brown, CISO, FDIC. Moderator: William "Terry" Burruss, Senior Content Director, Billington CyberSecurity.

Cybersecurity: The Good, The Bad and The Ugly - 2021 ACI-NA PS&S / ACC Security Technology Conference - October 2021

The Good, The Bad and The Ugly. Moderator: Dr. Matthew McFadden, Vice President, Cyber & Distinguished Technologist, General Dynamics Information Technology (GDIT). Speakers: Peter Brost, Senior Intelligence Officer, Cybersecurity and Infrastructure Security Agency; Michael Stephens, General Counsel, Tampa International Airport.

AI/ML & Autonomous Cyber – AI4 2021 - August 2021

More malware, supply chain attacks, zero days, ransomware, and adversarial campaigns result in more incident response/forensics and countermeasures, requiring more skilled cyber defenders. As these new threats increase and the threat landscape constantly changes, organizations must work smarter and become more effective with not only their capabilities but also their workforce. In this talk you will understand how AI/ML provides more effective detection and response to threats in near real time, transforming cyber operations towards Autonomous Cyber Defense. In this session you will understand the current state and applications of Autonomous Cyber Defense, how AI and Machine Learning are applied, and how this concept will reshape cyber operations in the future.

Cyber Strategies to Solve Customer Mission Challenges - DevSecOps Leadership Series - Sonatype - July 2021

Dr. Matthew McFadden will discuss his roles including developing cyber solutions, technical capabilities, cyber consulting, and leading GDIT’s Cyber Center of Excellence while championing innovation as it contributes to solving mission challenges and achieving customer success. Apply his experience to your own digital transformation journey in the shifting federal landscape as you develop your agency or organization's cyber strategy. Be ready to ask questions for our “Ask the Expert” session to follow.

Conducting a Cloud Security Health Check: A Discussion of Cloud Security Best Practices - CompTIA - October 2020

Cloud adoption has increased exponentially over the past few years. Yet, our research shows us that executive leadership (e.g., CIOs, CISOs, and CEOs) and IT professionals alike continue to wonder if their hybrid and cloud solutions are secure. Join Matthew McFadden and Dr. James Stanger, CompTIA’s Chief Technology Evangelist, to learn more about steps that cloud security professionals take to conduct a “cloud cybersecurity health check.” They profile essential best practices that cybersecurity professionals follow to identify the overall health of a cloud implementation. They will discuss common underlying conditions of organizations that lead to serious cloud security issues, and profile key tools that help you take the temperature of your particular organization. Why are companies experiencing fevers caused by serious, underlying cybersecurity issues? What steps can organizations of all types take to isolate the causes of poor cloud security health and hygiene? Join us to learn more.

CISA CTO to Government: Focus on Visibility and Resiliency When Moving to Multi-Cloud - Meritalk - September 2020

During MeriTalk’s recent webinar, Brian Gattoni, Chief Technology Officer for the Cybersecurity and Infrastructure Security Agency (CISA), and Dr. Matthew McFadden, Senior Director of Cyber and Lead for the Cyber Center of Excellence for GDIT, discussed the report findings. The two experts stressed that amid a changing cloud landscape, Federal agencies must modernize their cybersecurity strategies to keep pace. The research study surveyed 150 Federal cybersecurity managers to explore multi-cloud cybersecurity challenges and opportunities, current efforts and aspirations, and opportunities for future-proofing multi-cloud cybersecurity.

The Importance of Cybersecurity during COVID-19 - GovMatters - September 2020

For weeks, most of the federal civilian workforce and a large percentage of DoD employees have been teleworking. Information Technology (IT) offices across government have been logging long – often intense – hours in order to enable mission-critical work, some of it directly tied to COVID-19 response efforts. Agencies have purchased hundreds of thousands of new laptops, managed an exponential rise in help-desk requests, and learned entirely new methods of digital communication during the pandemic. This 30-minute program will bring together thought leaders from the public and private sectors for a look at challenges to and best practices for a key issue connecting all those efforts – cybersecurity. Appearing on this program with Francis Rose, Government Matters Thought Leadership Network: Ronald Pontius, Deputy to the Commanding General, U.S. Army Cyber Command; Theresa Lang, Acting Chief Information Security Officer, DHS; Matthew McFadden, Director, Cyber Center of Excellence, GDIT.

Operating Under Constant Cyber Threat - Imagine Nation ELC 2019 - ACT-IAC - Center Stage - October 2019

In a world where cyber threats are growing and evolving ever-more-quickly, the newly-emerging concept of Autonomous Cyber Defense will become critical to protecting government and citizens alike. Through this approach, agencies focus primarily on automated detection and real-time response to new threats. To do this, agencies must leverage key emerging technologies like cloud and AI/ML to provide more robust cyber situational awareness and operational threat reduction. Come to this session to understand the current state and applications of Autonomous Cyber Defense technologies, and how this concept will reshape operational cybersecurity strategies in the coming years.

2019 Dewald Roode Workshop on Information Systems Security Research - Autonomous Cyber Defense - October 2019

ITEN Wired 2019 - October 2019

Cybersecurity breakout on Adaptive Response and cyber threat landscape.

Luncheon Panel “What’s Next in Cybersecurity” - Gallaudet University - September 2019

Panel discussion on workforce development and cyber trends with Dave Burg from E&Y.

Adaptive Response to Cyber Hygiene - Peak Cyber Conference - September 2019

Keynote presentation on how to adapt to ever-changing cybersecurity measures by leveraging automation, AI/ML, and cyber capabilities to drive a prevention-focused transformation model that improves an organization’s cyber hygiene.

Zero Trust 2025 - June 2019

In this session, we will provide a real definition of Zero Trust architecture beyond the buzzwords and define the reality, including use cases and a strategy for implementation in thwarting adversaries. Zero Trust is a cyber strategy holding that users, applications, data, and networks should never be trusted and should always be verified. Learn how to develop a defense-in-depth approach to a zero trust ecosystem and establish an architecture and strategy for the enterprise that leverages automation, AI/ML, and native technologies to drive a prevention-focused transformation model.

Strategies for Enterprise Cloud Brokerages on AWS - AWS Public Sector Summit - June 2019

What does a fully featured cloud brokerage look like in the federal government? In this session, you will hear from cloud subject matter experts who have first-hand knowledge and deep AWS implementation experience. During this interactive session, we will share best practices when it comes to delivering an enterprise strategy for the cloud brokerage capability and enabling AWS solutions and secure managed services in highly complex and regulated environments.

The AI Vendor Landscape - Ai4 Cyber Conference - May 2019

Estimates vary, but there are over 1,000, and maybe over 2,000 cybersecurity vendors in the market. Many tout how their products and services are leveraging AI and machine learning technologies. How can a security professional decipher between what’s actually leveraging AI and what’s not? Is leveraging AI always even an advantage? Which guidelines can a security org follow when evaluating which vendors to onboard and which to part ways from? This panel will discuss best SOC practices for evaluating, onboarding, and working with cyber vendors.

Adaptive Response to Cyber Automation - Emerge 2019 - April 2019

Machine learning has the power to create safe, efficient solutions and services for government agencies at all levels. Dive in with Palo Alto Networks’ Chief Security Officer, Rick Howard, and GDIT’s Cyber Director, Matt McFadden, for an engaging session on how to adapt to ever-changing cybersecurity measures using automation. It’s time to face the challenge of driving efficient cyber operations with limited resources and ever-increasing cyber threats.

Solving the Cybersecurity Manpower Problem - Dynamic Connections 2019 - April 2019

Panel discussing cybersecurity manpower considerations, focusing on industry and academia. Panelists: Dr. Matthew McFadden, GDIT; Paul Wagner, Univ. of AZ; Tim Walton, JHU-APL; Dr. Mohit Tawari, UT Austin.

Leveling up your Cloud Security - Oracle's 11th Federal Forum - March 2019

Technology and emerging threats are ever increasing and customers are facing more threats than ever before while having finite resources to address these threats. Operate at scale and stay secure. In this session we will discuss ways to optimize Cloud security through cyber automation, Cloud native technologies, Artificial Intelligence/Machine Learning to improve cyber defenses. Learn how to develop a technical approach to implementing real Cloud security and AI-enabled security in your cloud deployments while driving automation as an effective means to proactively prevent threats in real-time.

Panel on Artificial Intelligence - Rocky Mountain Cyber Symposium 2019 - February 2019

Moderator: Maj Gen (ret) Paul Nielsen. Panelists: Dr Matt Gaston, Dr Matthew McFadden, Mr Anthony Grieco, Lt Col Mike Chiaramonte.

Cyber Automation - Rocky Mountain Cyber Symposium 2019 - February 2019

Technology and emerging threats are ever increasing; customers are facing more threats than ever before, and they have finite resources to address these threats. In this training session, you will see how automating key operations and tasks using the Cloud, Security Orchestration, Automation, and Remediation (SOAR) technologies, and AI/ML can provide more robust cyber situational awareness and operational threat reduction. In this session you will learn to better protect your workloads and defend against security threats while implementing automation. This training session provides a hands-on overview of implementing the Integrated Adaptive Cyber Defense Framework (IACD) and the Artificial Intelligence / Machine Learning / Orchestration technologies that are being used in the commercial and government sectors to drive cyber automation, including compliance, continuous security, cloud security, and orchestration technologies.

Second Order Benefits of Open Integration - Integrated Cyber at JHU/APL - October 2018

The evolution of the SOAR market has the potential to fundamentally change classic business models because of the open integration of products and services. If companies are opening up their APIs, what other support services and opportunities does this open to small/mid-sized business development approaches and integration approaches? Tools that used to be custom-developed for integration are now commercially available and supported. What is your organization’s perspective on how a market of open integration changes for different business partners and operational activities?

Industry Panel on Implementor Insights - Integrated Cyber at JHU/APL - October 2018

An increasing number of organizations are exploring and integrating Security Automation & Orchestration (SA&O) / Security Orchestration, Automation & Response (SOAR) strategies and platforms in cyber defense. During this panel, experienced organizations discuss SA&O, sharing information, lessons learned, best practices, and recommendations.

Government & Industry Panel I | Defending Critical Cyber Resources and Networks - FCW Cyber Summit - August 09 2018

Agency IT leaders do not have to reinvent the wheel on cybersecurity. Standards and requirements are in place, as are shared services and resources. Our panelists will discuss resources available and best practices for defending cyber.

Wargaming the Security Infrastructure - ChannelCon 2018 - 2:15 PM - 3:15 PM, August 2 2018 - Article

Red team-blue team exercises take their name from military exercises. The idea is simple: one group of security pros, a red team, attacks a network, and an opposing group, the blue team, defends it. Originally, the exercises were used by the military to test force-readiness; today they’re also used to test information security systems. The key element for success is a red team that can get into the mind-set of an attacker. Join us to discuss how to set up and run effective red team/blue team exercises and what you can learn from them. https://certification.comptia.org/it-career-news/post/view/2018/08/03/channelcon-it-pro-track-day-2-dives-deep-into-cybersecurity

Nuclear Security: Prevention-Based Strategies for Today's Risks - Nuclear Deterrence Summit - Feb 21st, 2018

Nuclear installations invest heavily in physical and operational security designed to defeat external threats. The spectrum of current and future threats can be much more complex and nuanced. Are we protecting our facilities from yesterday's threats and missing the real risks? This panel of international risk management experts examines the efficacy of new approaches to safeguarding nuclear facilities in an ever-changing threat environment to look at how we anticipate and account for these emerging security risks, and how we can better understand our vulnerabilities to build stronger security systems and approaches.

Industry Panel: "Building the Cyber Workforce – The Industry Perspectives" - Cyber Education, Research, and Training Symposium (CERTS) - 2018

Mr. Joel Esler, Manager, Open Source and Education, Talos – Cisco; RADM (Ret.) Bill Leigher, Director, DoD Cyber Ware Programs, Raytheon; MG (Ret.) Jennifer Napper, VP & GM, Army, Air Force and COCOMS, DXC Technology - https://www.youtube.com/watch?v=bnJa9sDE4P0

Cybersecurity: Protect, Detect and Respond - FederalNewsRadio.com - 2017

This is why emerging approaches to cybersecurity such as automation and machine learning can give agencies the eyes and ears that they otherwise wouldn’t have in trying to secure the dual environments filled with an ever-increasing number of end points and therefore threats. https://federalnewsradio.com/federal-insights/2017/10/cybersecurity-protect-detect-and-respond/slide/1/

Training Organizations to Prevent Cyber Attacks – FISSEA 28th Annual Conference – 2015

Hands-on practical application is the most effective way for an organization to train against cyber threats. Whether you are an information security officer, a seasoned system administrator, or a non-technical individual, seeing and experiencing a cyber attack drastically increases awareness and detection. This presentation demonstrates a few different attacks and how you can best “show” your organization how to prevent a serious intrusion.

The Technology of Training Tomorrow’s Cyber Forces – FISSEA 27th Annual Conference – 2014

This session will break down the necessary components of building a cyber-education training system and foster discussion on developing the cyber education training programs of the future and the technologies that will be required. From this session you will learn about technology infrastructure, authentication, learning management systems, content management systems, virtual machines, software development, open source applications, integration, and futuristic technologies to address the needs of tomorrow’s cyber force.

Introduction to Malware Analysis – DoDCCC 2012

Malware is often found on computer systems during network intrusion investigations. The main goals of analysis are to assess an executable to discover its functionality, and to identify the artifacts of its presence and usage. This class is designed for investigators who need to perform basic malware analysis in order to aid in their forensic investigations. The purpose of this course is to introduce the principles of malware analysis, and to teach how to perform a basic assessment of unknown executables and malware. Investigators will learn how to use many free open source tools to perform analysis of executables at a basic level.

Network Intrusion and Malware Visualization – DoDCCC 2012

Learn how to effectively use visualization techniques to respond to network intrusions faster by visually modeling complex datasets. This topic will show you how to use visualization tools to effectively monitor, analyze, and respond to exploits and malware.

Splunk as an Enterprise Incident Response and Forensic Tool – DoDCCC 2012 / DoDCCC 2011

Splunk is a monitoring and reporting tool for enterprise IT systems that deeply emphasizes search capability by consolidating logs, metrics, and other data from applications, services, and network devices. Therefore, in this breakout session the investigator will learn how to index, search, and analyze all enterprise threat data from a single location in real time, drastically cutting response times, and limiting exposure to the threat by reacting quicker.

Malicious Code Analysis in Windows – DoDCCC 2010

Subject Identification / General Searches and Public Records – 2010 ICAC Task Force Nat. Conf.

This lab will address how to use information available on the internet to search for subjects to establish leads and gather information on a target.

Basic Networking and Incident Response – 2010 ICAC Task Force Nat. Conf.

This lecture will address how to respond to networked computers and how to perform an incident response in order to collect sufficient evidence for an investigation.

It’s 4 o’Clock and… Your Linux Server was Hacked… – Techno Forensics & Digital Investigations 2010

Track 4 – Lecture Room B, sponsored by ISFCE – An intrusion on a Linux box occurred, now what? Learn how to respond to a Linux machine and learn about all the evidence you will lose if you pull the plug. Linux incident responders must gather volatile data! This includes how to build their trusted tools, determine what information is collected during the volatile data gathering process, and how to use kernel and third-party tools for volatile evidence gathering. This gives investigators evidence and analysis to supplement the dead box exams.

Network Intrusion Analysis Overview - 2010 Tech Forum

Linux Incident Response Volatile Data Gathering 101! – Techno Forensics & Digital Investigations 2009

An intrusion on a Linux box occurred, now what? Learn how to respond to a Linux machine and learn about all the evidence you will lose if you pull the plug. Linux incident responders must gather volatile data! This includes how to build their trusted tools, determine what information is collected during the volatile data gathering process, and how to use kernel and third-party tools for volatile evidence gathering. This gives investigators evidence and analysis to supplement the dead box exams. Objective: To teach volatile data gathering techniques for intrusion and forensic investigations during incident response.

Wireshark as a Forensic Tool – 2009 DoDCCC

Firefox Forensics – 2009 DoDCCC

Browser Forensics – Techno Forensics & Digital Investigations 2008

This presentation will include an overview of how and where records are stored in various browsers. We will then explore the steps that may be taken in order to configure the IE7 or Firefox browsers to hide user tracks. And lastly, we will show information that may only be recoverable in RAM.

Phoenix Wardriving Project, 2006 FBI Infragard - Phoenix Chapter

Industry Tech Talks

  • Industry - CSRA - TechTalk – Next Generation Technology Center – DoDIIS Worldwide

  • Industry - CSRA – Customer Driven Training – DoDIIS Worldwide

  • Industry - CSRA – Cloud Application and Network Management with AWS – DoDIIS Worldwide

  • Industry - CSRA – Defense Cloud Migration – AWS Public Forum

  • Industry - CSRA – Data Centric Multi-Level Security (DC-MLS) – GEOINT

Articles

NextGen IT Heroes - Featured - Fedscoop TV

Networked threat: Defence interest in cyber security surges - Janes Defense Weekly - Mar 2020

Federal Leaders Look To Reduce Complexity in Cybersecurity - Featured

Cyber Leaders Share Insights at Forum on Training - Featured

CSRA unveils Cyber Center of Excellence - Featured

Politico Cyber Updates - Mentioned

ExecutiveBiz - AI/ML Hackathon - Mentioned

Books

Defense Against the Black Arts: How Hackers Do What They Do and How to … By Jesse Varsalone, Matthew McFadden

As technology has developed, computer hackers have become increasingly sophisticated, mastering the ability to hack into even the most impenetrable systems. The best way to secure a system is to understand the tools hackers use and know how to circumvent them. Defense against the Black Arts: How Hackers Do What They Do and How to Protect against It provides hands-on instruction to a host of techniques used to hack into a variety of systems. Exposing hacker methodology with concrete examples, Defense against the Black Arts shows you how to outwit computer predators at their own game.

Google Books, Amazon, Slashdot Review, Hak9

Not to be confused with: http://harrypotter.wikia.com/wiki/Defence_Against_the_Dark_Arts

Awards

2018 – 1st Place PCDC – Team Captain CSRA - CSRA Cyber Warriors Win PCDC "Pro Day".

2017 – 1st Place PCDC – Team Captain CSRA - CSRA Cyber Warriors Win PCDC "Pro Day".

2016 – 1st Place PCDC – Team Captain CSRA - CSRA Cyber Warriors Win PCDC "Pro Day".

"GDIT/CSRA took first place in the Palmetto Cyber Defense Competition (PCDC) 'Pro Day' in Charleston, SC. The PCDC is a cyber defense event held by the Space and Naval Warfare Systems Center Atlantic (SPAWAR-SSC Atlantic) in collaboration with the South Carolina Lowcountry Chapter of the Armed Forces Communications and Electronics Association (AFCEA)."

Events

2012 – White Team / Incident Response LE Lead (Law Enforcement Coordinator) – 2012 Collegiate Cyber Defense Competition (CCDC)

2011 – White Team / Incident Response LE – 2011 Collegiate Cyber Defense Competition (CCDC)