ACM Columbia University 25 February 2009 What's a CS to do?


1 ACM Columbia University 25 February 2009 What's a CS to do?

2 Computer humor How many software developers does it take to screw in a light bulb?

3 Let’s talk money…NACE 2009 Computer science grads saw their average salary offer fall 1.4% from $56,920 to $56,128. For those employers who expect to offer signing bonuses to computer science grads, the average bonus will be about 25% lower than 2008’s average bonus.

4 The economy It’s going to have an impact for at least three years... …but the Stimulus Plan may actually help with jobs. Smart infrastructure Smart energy Smart healthcare

5 Separating yourself It’s not the degree nor the school – it’s your brand What programming issues do professionals face? What areas will be hot for CS majors? Staying in front – listening to those on the street & prospecting for positions instead of applying to them

6 Your brand and being found You must have a social media strategy Blogging Videos Podcasts Photos Facebook, LinkedIn, Twitter It’s all about building relationships

7 Top 25 programming errors: Insecure Interaction Between Components; Risky Resource Management; Porous Defenses. Source: SANS (SysAdmin, Audit, Network, Security) Institute - www.sans.org/top25errors/ Source: MITRE Corp - cwe.mitre.org/top25/

8 The impact of the top 25 errors Software buyers will be able to buy much safer software. Programmers will have tools that consistently measure the security of the software they are writing. Colleges will teach secure coding more confidently. Employers will ensure they have programmers who can write more secure code.

9 Insecure interaction between components: Improper Input Validation; Improper Encoding or Escaping of Output; Failure to Preserve SQL Query Structure (SQL Injection); Failure to Preserve Web Page Structure (Cross-site Scripting); Failure to Preserve OS Command Structure (OS Command Injection); Cleartext Transmission of Sensitive Information; Cross-Site Request Forgery (CSRF); Race Condition; Error Message Information Leak

10 Risky resource management: Failure to Constrain Operations within the Bounds of a Memory Buffer; External Control of Critical State Data; External Control of File Name or Path; Untrusted Search Path; Failure to Control Generation of Code (Code Injection); Download of Code Without Integrity Check; Improper Resource Shutdown or Release; Improper Initialization; Incorrect Calculation

11 Porous defenses: Improper Access Control (Authorization); Use of a Broken or Risky Cryptographic Algorithm; Hard-Coded Password; Insecure Permission Assignment for Critical Resource; Use of Insufficiently Random Values; Execution with Unnecessary Privileges; Client-Side Enforcement of Server-Side Security

12 What will be hot in 2009+? Virtualization: This includes server virtualization as well as storage and client devices. Greater efficiencies and elimination of duplicate copies of data on real storage devices. Cloud computing: The built-in elasticity and scalability of cloud computing will help smaller companies grow quickly while also reducing barriers to entry.

13 What will be hot in 2009+? Servers - beyond blades: Evolving servers will simplify the provisioning of capacity so organizations will be able to track an individual resource type - such as memory or processing power - and replace as needed, rather than having to pay for all resources every time an upgrade is needed. Web-oriented architectures: Web-centric technologies and standards will continue to affect enterprise computing models leading to greater use of service-oriented environments.

14 What will be hot in 2009+? Enterprise mash-ups: Mash-ups are being added to enterprise systems to help deliver and manage applications. Specialized systems: Heterogeneous server systems are big in high performance computing from previously dedicated appliances.

15 What will be hot in 2009+? Social software and social networking: Leading organizations add a social dimension to a conventional website or application. Unified communications: Massive consolidation in the communications industry as applications shift to off-the-shelf server and operating systems. This means formerly distinct markets and vendors will converge, requiring organizations to take account of communications functions being replaced or converged.

16 What will be hot in 2009+? Business intelligence: BI continues to boost and transform business performance, particularly in a difficult business environment like the current global credit crunch. Green IT: Companies should think about shifting to more efficient products and processes as environmental scrutiny increases, and cut energy use. Green regulation is “hot” and this especially has the potential to seriously limit how businesses build data centers so organizations will require alternative plans for capacity growth.

17 Really hot Financial services especially refactoring of legacy systems Games Mobile: Smaller and smaller

18 Sites http://www.joelonsoftware.com/index.html http://slashdot.org/ http://www.joltawards.com http://www.indeed.com

19 Me Steve Levy The Tuttle Agency 295 Madison Avenue, 8th Floor New York 10017 212-497-9576 slevy@tuttleagency.com My blog Connect to me on LinkedIn Follow me on Twitter

