Industry:Minutes 2011-05-13

Information on GIC Working Sessions at AppSec EU

 * 3 sessions on Friday, June 10 2011 (second day of the conference)
 * 1st session: GIC Outreach Presentation, 10:15-11:00 am, presented by Nishi Kumar. The purpose of this session is to help organizations understand why application security is important and how OWASP can help make their applications more secure. It will give them an opportunity to learn what documentation, training, architecture, tools and infrastructure are available. The best part is that all these materials are free. OWASP provides the solution for their application security needs. We are also looking to improve collaboration by helping get more organizations participating in OWASP projects. This will help us ensure that we account for the various needs of industry and develop well-vetted best practices. Security For Managers And Executives - Industry Outreach Presentation
 * 2nd session: Gathering Information - Industry CISO Survey, 12:05-12:50 pm, presented by Rex Booth
 * 3rd session: Industry Roundtable discussion, 3:00-3:45 pm, presented by Sarah Baso with remote participation by Joe Bernik. Discussion format based on questions such as: How can GIC become more relevant and work to achieve a better working relationship with industry verticals? What ROI would companies find valuable when sponsoring/supporting OWASP?


 * Goal(s) of the GIC sessions at AppSec EU: As discussed on the last two calls, the overall goal is to work toward achieving the GIC's 2011 committee initiatives, most importantly: 1) Engage in discussion with the appsec community (and various industry verticals) to learn how GIC can become more relevant in the context of Industry. 2) Communicate with people not currently involved in OWASP about what OWASP and OWASP Tools can offer their organizations, and determine what things are not currently being offered to them that would make them interested in sponsoring/supporting OWASP.


 * Eoin will also be rolling out his GASS Survey (on SurveyMonkey) during the conference, and we hope to work that into one of the sessions.

Discussion items for Call

 * AppSec EU working sessions
 * Thoughts on who we can send invitations out to for the GIC working sessions?
 * How can we incentivize attendance at these sessions (or mitigate any opportunity cost for attendees)?
 * What questions (if any) should be included in the roundtable discussion?
 * Update from Nishi on her presentation and session
 * Update from Rex on his CISO survey and session
 * OWASP Awards for AppSec USA - what and who?
 * Joe Bernik - feedback from FS-ISAC conference