David Hillman

Senior Analyst, Technology Engineering and Optimization
Southern Company

I’ll be discussing how software security principles are being applied to protect critical infrastructure environments like the ones at Southern Company. Software security is a broad topic, so I’ll focus on the classes of bugs/vulnerabilities that we worry about in critical infrastructure and that have been used by malicious actors in the past to get past some defenses. I’ll talk about what led to serious breaches and issues like the ones that affected Colonial Pipeline, SolarWinds, and CrowdStrike. From there, I’ll dive into some software security principles from Loren Kohnfelder’s book, Designing Secure Software: A Guide for Developers. Next, I’ll discuss the confidentiality, integrity, and availability (CIA) triad and show what part of that triad we focus on to protect critical infrastructure. I’ll also talk about Southern Company culture and give some information about our recruiting partnership with GSU. A Q&A session will follow.

NOTE: Seating is limited for this event, so you must RSVP in PIN in order to be admitted.
RSVP: https://pin.gsu.edu/event/10857571

About the Speaker: David graduated from Georgia State in 2005 with a B.S. in computer science. He has since worked as a full-stack web developer, embedded systems developer, database administrator, system administrator, network administrator, security analyst, consultant, and now engineer. He’s worked in a variety of industries, including water and sewer treatment and distribution (mostly in data analysis, robotics, and security engineering), fintech, healthcare, and electric and gas utilities (security engineering, automation, and data analysis). His interests include reading science fiction novels, puzzles, bike touring, and running.

Everyone welcome!
Free refreshments!