SnowFROC Abstract Paller

The Presentation: "A Legal Minimum Standard of Due Care: The CAG and the Top 25 Most Dangerous Programming Errors"
This fast-paced briefing introduces you to the three faces of cyber crime and then turns quickly to the federal government's extraordinary response to the expanding threat: the CAG -- a minimum standard of due care for securing systems and applications. The briefing goes on to focus on the application security element of the CAG and particularly the Top 25 Most Dangerous Programming Errors and how custom software development procurement is being reshaped by them.

The Speaker: Alan Paller
Alan is the director of research for the SANS Institute, responsible for projects including the Internet Storm Center (the Internet’s early warning system with 500,000 sensors around the world) and SANS's other consensus research projects, such as the summary of the most critical new vulnerabilities discovered each week. He also edits NewsBites, the summary of the most important news stories in security that goes to 185,000 people twice each week. He says his most satisfying responsibility is finding people who have solved important security problems and helping others learn about those people and their discoveries. In 2001 the President named Alan as one of the original members of the National Infrastructure Assurance Council, and in 2005 the Federal CIO Council chose him as its Azimuth Award winner, recognizing his singular vision and outstanding service to federal information technology. Alan earned degrees in computer science and engineering from Cornell and MIT.