David Matthews is Deputy Chief Information Security Officer (CISO) for the City of Seattle. He worked in the information technology (IT) field since 1992. He began working for the City of Seattle as the technology manager for the legislative department (city council) in 1998. In early 2005 he was selected to be the first Deputy CISO for the city. In his work for the city he developed and created an incident response plan that is compliant with the National Incident Management System (NIMS)/Incident Command System (ICS); updated and extensively rewrote the city's information security policy; and created and taught training courses on information security and forensics. He most recently created an IT primer for the city's law department as part of his collaboration with them on e-discovery issues.
He is a participant and leader in regional information security organizations. He is the public-sector co-chair of the U.S. Computer Emergency Readiness Team (US-CERT)/Department of Homeland Security (DHS) sponsored North West Alliance for Cyber Security (NWACS). With NWACS he has worked with the Pacific Northwest Economic Region (PNWER) nonprofit to sponsor information security training for Supervisory Control and Data Acquisition (SCADA) operators and managers; a risk management seminar; a regional cyber response exercise; four Blue Cascades disaster scenario exercises; and is the creator and editor of a portal website with local information security and forensics activities, a library of best practice documents, and links to information security and forensics websites.
Matthews is also an active participant in many local, national, and international information security, forensics, and e-discovery organizations. He is the chair of the local Critical Infrastructure Protection subcommittee of the Regional Homeland Security team, and also is a member of the American Bar Association's Science and Technology and