Ed Matthews
Cybersecurity Expert Edward Matthews Brings Real-World Challenges into the Classroom
Edward Matthews
Sr. Security Engineer, Partners Healthcare
Lecturer, Computer Science
MS, New York University; BS, Syracuse University
What is your area of expertise?
I have over 25 years of experience designing and supporting security tools and applications. I enjoy building applications and writing scripts that bridge the gap between databases and other third-party tools. I love the challenge of tracing data from the firewall through the internal systems (i.e., app servers, web servers, load balancers) to the database. Knowing where data sits and being able to find issues via logs, etc., is a challenge but can be rewarding when a high-level issue is resolved.
Currently, I am focused on security orchestration and the synergy of security tools. Cloud security and NoSQL products are also of interest to me.
How does the subject you work in apply in practice? What is its application?
I have designed, tested, and deployed applications on government and enterprise systems. For example, I supported databases (Sybase and Oracle) and applications that handled Wall Street market data feeds. I have also been involved in high-profile cyberattacks that were kept out of the media, working to rebuild what the hacker(s) destroyed and also piece together what the actual target was. I have also had the opportunity to build security teams from scratch and implement new programs at a company.
What courses do you teach at MET?
I teach Network Security (MET CS 690) and Database Design and Implementation for Business (MET CS 669). I have been teaching at BU since 2010, starting as an online course facilitator and then teaching onsite since 2015.
Please highlight a particular project within these courses that most interests your students. What “real-life” exercises do you bring to class?
In Database Design and Implementation for Business, students have a final project that they work through during the semester. They create a real-world database, many of which are in production at their place of work by the time the class ends. I also mention real-world database issues I came across over the years, and I can tell students enjoy hearing about challenges that may come up.
In Network Security, I enjoy seeing students’ reactions to in-class exercises as they walk through how easy it is to carry out different attacks. For example, one exercise walks the student through a SQL injection attack, allowing them to visualize and see how it works in real time.
As a part-time faculty member, you straddle the professional and the academic worlds. What do you consider to be the unique value you bring to the classroom?
With 25 years in the industry, I bring my real-world experience to the class, and offer examples and insight to the students, explaining the issues and the fallout afterward. The students enjoy hearing about this and knowing about what types of issues they may face when they head out into the workforce.