Matt Dunlop, VP & CISO, Under Armour. PHOTO: Cybercrime Magazine.

A Scholarly U.S. Soldier Heads Up Cybersecurity At Under Armour

CISO Matthew Dunlop takes the long view to fill the employment gap

Steven T. Kroll

Northport, N.Y. – Jun 27, 2019

“Cyber warrior” is a figurative term for people working in cybersecurity, even though many of them never wore a military uniform.

Matt Dunlop, vice president and chief information security officer (CISO) at Under Armour, actually fits the description of a cyber warrior — with his 30 years of experience as a colonel in the U.S. Army. His career transitioned from exterior armor to Under Armour.

Dunlop initially earned a degree in mathematics and became involved with cyber in the Army around 2000 — first working as a network engineer. He went on for a master’s degree in computer engineering and used that experience to teach computer science at West Point. Ever curious and always learning, Dunlop ultimately received a doctorate with the intention of going back to teaching.

Things changed, however, with the beginning of a new entity — U.S. Army Cyber Command.

“At the end of the Ph.D. program, I had the opportunity to help the Army Cyber Command stand up, and I moved in that direction,” says Dunlop. “It was actually a fascinating opportunity because I was able to build it from the ground up and see it evolve over time.”

Focusing on cybersecurity education is a major priority for Dunlop.

“As we look into the future and project this huge job shortage, companies are looking for the silver bullet,” says Dunlop. “But I look at it as a long game.”

His involvement in the National Cyber Education Program in collaboration with Discovery Education follows through on this view. “The gist of it is, if we can teach kids from kindergarten about cyber, then, not only do we help close the workforce gap, because people learn more about it through their educational career, but also they just become better users because they understand the pitfalls.”

Education and intellectual growth don’t just end at graduation, as Dunlop believes in motivating employees to continuously learn and grow throughout their career. This investment in people helps retain talent. “My approach has always been people first, tools later, because if I don’t have the people to do the job, then I can’t run the tools,” says Dunlop.

As far as new tools go, moving into the cloud and mitigating those risks is all about education for Dunlop. If people know how the technology works, they will be able to secure it properly. Thus, while nothing is ever fully secure, there will be fewer chances for malicious actors to enter a system. In addition, automation creates room for learning because as computers pick up mundane tasks, people can move on to more sophisticated and complex activities, while developing new skills in the process.

Dunlop is not simply one to say something and remain idle. He holds himself to the same educational standards as his employees.

“If you don’t understand the technology that your people are dealing with, it’s hard to lead them,” says Dunlop. “And it’s also hard to tell your employees they’re going in the wrong direction, if you don’t understand where they’re going.”

Steven T. Kroll is a public relations specialist and staff writer at Cybercrime Magazine.

Ask The CISO Archives


From the start, the Fortinet vision has been to deliver broad, truly integrated, high-performance security across the IT infrastructure.

We provide top-rated network and content security, as well as secure access products that share intelligence and work together to form a cooperative fabric. Our unique security fabric combines Security Processors, an intuitive operating system, and applied threat intelligence to give you proven security, exceptional performance, and better visibility and control–while providing easier administration.

Our flagship enterprise firewall platform, FortiGate, is available in a wide range of sizes and form factors to fit any environment and provides a broad array of next-generation security and networking functions.

The Fortinet corporate brochure explains how we deliver comprehensive network, endpoint, application, and access security.

Learn more at