Rutgers.edu
Michael Matos, manager of the Incident Detection and Response team
Wondering what happens when you report a cybersecurity threat or a phishing email at Rutgers? In most cases, those reports go to Michael Matos and his team, who are charged with investigating the countless ways cybercriminals try to target employees and students with every type of scam and scheme imaginable.
“I think that I have a really unique job,” says Matos, who works in the Office of Information Technology’s Information Security Office as a manager of the Incident Detection and Response team. “Incident response is such a broad field, so my day to day can look very different.”
Beyond his work life, Matos has a passion for music and spends his free time with his wife and three children. On the weekends, you’ll find him cheering on his children at their soccer games, or at home rocking out on his guitar or piano with his family.
How did you get started in the technology industry?
Math and science were the two subjects that always came really easy to me. My guidance counselor recommended that I explore the engineering field, so I went to the New Jersey Institute of Technology to study computing engineering, and it ended up being a great fit.
How would you describe your job to someone who is not in technology?
I currently manage the incident response team. So, when someone reports a security issue to abuse@rutgers.edu, that report is sent to my team and we work to resolve it. For example, if someone spots a phishing email, they should alert and contact my team, and we will investigate and protect our community from the security threat.
What is an example of a threat your team investigates?
A common issue we investigate is reports of unexpected Duo push notifications. Sometimes, users accidentally click “report” on Duo pushes that they initiated themselves, but other times the unexpected notifications are an indicator that the user’s password is compromised.
What other initiatives are you handling?
My team has also been involved with the OmniSOC internship program for a few years, which gives students at Rutgers the opportunity to work with students from other universities in the cybersecurity field. I’m excited to take the lead on this year’s program and will be working directly with those students this summer.
Do you have any cybersecurity tips to share?
The number one cause of your information being compromised is outdated software. Keeping your technology up to date is the easiest and best way to protect yourself. I know it’s tempting to click “later” when a software update pops up, but it’s important that you act right away and install that update. These updates have fixes for known cybersecurity vulnerabilities.
What about scams?
There are many email employment scams that students should be on the lookout for, like scammers asking individuals to click a link to fill out a form or a job application. If you see an email in your inbox that seems odd, always research or call the company to make sure that the email is actually coming from them and watch out for suspicious links. If you’re unsure, forward a copy of the message to abuse@rutgers.edu and my team will help.
What interests/hobbies do you have outside of work?
I have been playing music since I was a kid. I started on the keyboard and played in a wedding band for years. I played guitar in a grunge cover band for several years too. All of my children play piano, and one of my daughters is playing in a band at school. There are some songs she plays better than I can. I am a very proud dad.
What are some of your favorite songs to play?
When it comes to the piano, anything by Billy Joel. With my guitar, Dave Matthews is always a guilty pleasure. Whenever I play for an audience, I like to switch things up and get people to experience music they’re familiar with in an entirely different way, like playing an acoustic version of a hip-hop song, or a 90’s grunge-style version of a pop song.