Matthew B. Yates – Director, Operations, Information Security and Governance, Secure Halo

Information security governance leader delivering scalable, compliance-aligned cybersecurity programs for federal and commercial organizations

Matthew B. Yates is the Director of Operations for Information Security and Governance at Secure Halo and a Cybersecurity Subject Matter Expert with 13+ years supporting federal and commercial environments. He leads enterprise security assessments and the execution of cybersecurity programs aligned to frameworks including NIST RMF, NIST SP 800-53 Rev. 5, NIST CSF, NIST SP 800-171, CMMC, and HIPAA. His work focuses on building defensible governance structures, driving POA&M remediation to closure, and strengthening operational resilience through continuous monitoring and risk-based prioritization.

Matthew B. Yates brings a governance-first mindset to cybersecurity, helping organizations translate regulatory expectations and mission requirements into programs that are executable, measurable, and sustainable. In his role as Director of Operations for Information Security and Governance at Secure Halo, he leads commercial cybersecurity engagements and service delivery, partnering with clients to assess risk, establish program maturity, and build operating models that scale with the organization.

His experience spans both federal and commercial environments, with deep expertise in applying industry-recognized frameworks to real operational contexts. Matthew supports the design and improvement of security programs across NIST RMF, NIST SP 800-53 Rev. 5, NIST CSF, NIST SP 800-171, CMMC, and HIPAA, bringing clarity to control implementation, continuous monitoring, and remediation prioritization. He is frequently engaged on initiatives involving third-party risk, insider threat programs, vulnerability management, and the development of security policy, roadmaps, and governance processes.

Previously, Matthew served as a DISA Cybersecurity SME supporting continuous monitoring of more than 25,000 DoD IT assets and as a Senior Navy Systems Engineer operating across classified and unclassified environments, including SAP systems. He is recognized for effective executive and government stakeholder communication and for driving POA&M remediation efforts from identification through closure with disciplined accountability.

Specialties & Experience

  • Information security governance, risk, and compliance (GRC)

  • Enterprise security assessments and program maturity evaluation

  • NIST RMF and control framework implementation

  • Continuous monitoring and cybersecurity operations oversight

  • Third-party and supply-chain risk management

  • Insider threat program development

  • Vulnerability management and remediation governance

  • Security policy, program, and roadmap development

Recognitions & Professional Highlights

  • 13+ years of cybersecurity experience across federal and commercial environments

  • Director, Operations, Information Security and Governance at Secure Halo and Cybersecurity Subject Matter Expert

  • Leads commercial cybersecurity engagements and service delivery at Secure Halo

  • Former DISA Cybersecurity SME supporting continuous monitoring of over 25,000 DoD IT assets

  • Former Senior Navy Systems Engineer supporting classified and unclassified environments, including SAP systems

  • Holds CISSP (ISC2), CompTIA Security+, an MBA, and an MPS in Homeland Security with a focus in Information Security and Forensics