Cloud Security Architect
Matthew is responsible for the overall security posture and security architecture for Schneider Electric’s IoT cloud platform. In this capacity he leads the security vision and strategy, provides oversight of all stages of the Security Development Lifecycle to drive secure software development, drives security automation to support DevOps and agile release cycles, and supports governance and compliance in the operational cloud environment. Notably, Matthew has years of experience developing and analyzing threat models to identify and mitigate security design flaws and reduce attack surface and risk.
In previous roles Matthew has contributed to the security architecture and design of industrial control system software, participated in ICS organizations and working groups, and contributed to the development of ICS cyber security standards.
Matthew has over 8 years’ experience in cyber security and has obtained GIAC GSEC, GIAC GWEB, and (ISC)2 CCSP certifications. He has presented at previous S4 conferences. Matthew also has over 19 years’ experience as a software developer and architect and holds a Bachelor of Science in Computer Science from the University of British Columbia.
This session proposes an alternative approach for bi-directional data flows with IoT devices. The IoT device makes only outbound connections over secure, connection-oriented protocols that support bi-directional communications such as AMQP. The IoT device must always initiate the outbound connection and thus does not require an addressable server endpoint or a VPN to secure the […]