Difference between revisions of "Industry:Minutes 2011-04-08"

From OWASP
Jump to: navigation, search
m
 
(2 intermediate revisions by one user not shown)
Line 1: Line 1:
April 8, 2011 at 16:00 UTC/GMT we will be having a Global Industry Committee Call.
+
==Roll Call==
 +
Global Industry Committe Call: April 8, 2011 at 16:00 UTC/GMT
  
    * +1 877 534 8500 or International +1 513 534 8500
+
Present:
    * Passcode 410105 #
+
*Joe Bernik (Chair)
 +
*Sarah Baso (Secretary)
 +
*Nishi Kumar
 +
*David Campbell
 +
*Kate Hartmann (OWASP Director of Operations)
 +
*Rex Booth
 +
*Lorna Alamri
 +
*Mateo Martinez
 +
*Colin Watson
  
  
==Old Business==
+
Absent:
 +
*Mauro Flores
 +
*Georg Hess
 +
*Eoin Keary
 +
*Alexander Fry
  
* Budget update - Board approved 1/2 of our budget on Monday's meeting and will decide on the other half within a couple of weeks.
 
* David  - OWASP Panel at Brighttalk Appsec Summit- anything to report?
 
* Nishi has agreed to put together a ppt for the GIC to use in outreach efforts.  She will send a draft to rest of committee for review in the next 2-3 weeks.
 
* Surveys - Eoin's survey on survey monkey, status update from Rex on his survey
 
* AppSec EU -- Industry Committee hosting industry breakout sessions.  Who is going from GIC?  Who do we need to send invites out to? What is our game plan?
 
  
==New Business==
+
==Discussion, Action, Results==
  
* Committee Governance: The Conferences Committee has put together a basic committee governance structure:  http://www.owasp.org/index.php/Global_Conferences_Committee_Governance    Can we adopt a slightly modified (to fit the GIC's initiatives) version? What changes would people like to see? 
+
=== Budget Update===
  
* Lucas's open letter to the Brazilian Government - Colin has provided Lucas with some feedback, but it would be great if we as a committee could vote on whether we can officially "endorse" the letter, to provide Lucas with some backing.  There has been a long string of email regarding Lucas's request for feedback on the GIC mailing list... if you missed it, email me and I can forward it on.`
+
*SB - Board approved 1/2 of our budget ($24,500) on Monday's meeting and will decide on the other half within a couple of weeks.
  
The original version (in Portuguese) is available here: https://docs.google.com/a/owasp.org/viewer?a=v&pid=explorer&chrome=true&srcid=0B80Pq13j4HaqYTJlYjYyMjQtZGIyZS00NGY2LTlmOTMtZDUyMDk5MzUzYmEx&hl=en&authkey=CIi7r5EP
 
  
A Google translated version is here: https://docs.google.com/a/owasp.org/document/d/1pWNIlMvbl9DueibfrETIRZBj4qxKLjz6DgavTxnYNDQ/edit?hl=en&authkey=CNOWjaQL
+
===AppSecEU===
  
* FSISAC summit May 2nd (Joe)
+
*SB - Industry Committee hosting industry breakout sessions.  Who is going from GIC?  Who do we need to send invites out to? What is our game plan?
 +
*CW and EK already attending. RB, NK, and LA are all interested in attending if GIC will sponsor.
 +
*JB - we should plan on sending RB and NK based on their current Industry iniatives (CISO survey and GIC outreach presentation).  We could maybe send LA depending on her proposed ROI.  JB and LA to have follow-up conversation on this.
 +
*SB to follow up and get list of attendees from Fabio and Eoin, from there we can figure out who to get involved/invite for breakout sessions.
  
* Jeff's email to OWASP Leaders yesterday re: Outreach (attached in case you missed or didn't receive it) --> What can we do to be involved in this outreach effort or coordinate it in our current plans?
+
 
 +
===OWASP Panel at Brighttalk AppSec Summit===
 +
 
 +
*DC participated in panel talking about OWASP along with Justin Clarke, Dennis Grove, and Derek Brink - approx. 80 attendees and session is archived online and available for those who want to check it out.
 +
* NKhas agreed to put together a ppt for the GIC to use in outreach efforts.  She is looking for feedback on what committee members want in the presentation, and will follow up with an email to the GIC.  Also, after she puts together a finished product in the upcoming weeks, she will send a draft to rest of committee for review.
 +
 
 +
 
 +
===Surveys===
 +
 
 +
*Monthly subscription to SurveyMonkey has been purchased for $23.99/month. We expect to continue with this for 6 months to post the GASS survey put together by EK.  SB has posted this survey to SurveyMonkey and is awaiting feedback from EK before sending it to rest of committee for review.
 +
 
 +
*RB is putting together another survey based on idea started at the Global Summit in Portugal. This survey is CISO focused and will be delivered during face time with various industry personnel (seeking to utilize opportunities we wouldn't otherwise have). 
 +
*RB is in the process of putting together a project plan and will send to GIC in the next couple of weeks. The survey itself is more long term (not a month or two).
 +
*RB's employer - Grant Thornton - has offered to sponsor the survey.  They will pay to be an organizational/corporate OWASP sponsor ($5000 of which the GIC will receive 40% or $2000). Also Grant Thornton will be responsible for the back end analysis - delivering the results and outcomes publication. In exchange they would like their logo on the front cover of the survey. For an example see Aspect Security's sponsorship of the [[:Category:OWASP_Enterprise_Security_API|ESAPI project]].
 +
*No committee member concerns vocalized at this time.
 +
*RB will follow up with Kate Hartmann on payment logistics and possible contract/agreement with Grant Thornton.
 +
 
 +
 
 +
===Other Organizational Supporters===
 +
*DC spoke with a contact regarding possibility of Google becoming a OWASP corporate sponsor. With Grant Thornton's corporate sponsorship, there is a clear tangible value for the sponsorship, but what can OWASP or the GIC provide/offer to Google as a ROI. The GIC needs to think about what we could offer Google and other companies who we want to bring in as sponsors and hope to get involved in the organization.  $5000 is a relatively small amount for these orgs and we should not be shy about asking them to support.
 +
*Committee should think about this and we will discuss further at next meeting.
 +
 
 +
 
 +
===New GIC Member===
 +
 
 +
*NK was previously approved as GIC committee member, she has resigned from GEC so now can be an official voting member of GIC. Please welcome her!
 +
 
 +
 
 +
===New GIC Mission Statement===
 +
 
 +
*SB - we need to have a vote on the new GIC mission statement: To expand the engagement of OWASP and its mission amongst the public and private sector verticals, through outreach; including presentations, development of position papers and collaborative efforts.  The Global Industry Committee serves as the voice of OWASP within the public and private sector and the channel through which OWASP aligns its efforts to the demands of the market.
 +
 
 +
*SB to send out email to committee members for an official vote.
 +
 
 +
 
 +
===Committee Governance===
 +
 
 +
*SB - The Conferences Committee has put together a basic committee governance structure:  http://www.owasp.org/index.php/Global_Conferences_Committee_Governance    Can we adopt a slightly modified (to fit the GIC's initiatives) version? What changes would people like to see?
 +
*NK put together a version of this for the Education Committee and thinks it is a good idea for us to follow this same model.
 +
*SB to format version for GIC and send out to Committee for comment and vote.
 +
 
 +
 
 +
===Lucas Ferreira's Open Letter to the Brazilian Government===
 +
* Lucas's open letter to the Brazilian Government - CW has provided some feedback on the letter and MF (as well as Lucas) has asked for the support of the GIC as a whole.
 +
* DC - this is just the sort of project that the GIC should be doing, he is in support.
 +
*CW - thinks it would be good to have support from other Brazilian OWASP chapters as well.
 +
*SB - to follow up with Lucas let him know that we understand he is following up with other Brazilian chapters, in the mean time GIC will circulate document. We hope to have a unified statement /support to provide the document soon.
 +
**The original version (in Portuguese) is available here: https://docs.google.com/a/owasp.org/viewer?a=v&pid=explorer&chrome=true&srcid=0B80Pq13j4HaqYTJlYjYyMjQtZGIyZS00NGY2LTlmOTMtZDUyMDk5MzUzYmEx&hl=en&authkey=CIi7r5EP
 +
**A Google translated version is here: https://docs.google.com/a/owasp.org/document/d/1pWNIlMvbl9DueibfrETIRZBj4qxKLjz6DgavTxnYNDQ/edit?hl=en&authkey=CNOWjaQL
 +
 
 +
 
 +
===FSIAC Summit===
 +
* [http://www.fsisac.com/events/spring_conference/2011/ FSISAC Summit]  - May 2. JB plans to attend and arrive a day early to promote OWASP and the GIC mission. He will follow up after the event with the committee.
 +
 
 +
===Jeff Williams' email on outreach to other communities===
 +
* [https://lists.owasp.org/pipermail/owasp-leaders/2011-April/005071.html Jeff's email to OWASP leaders yesterday] re: Outreach --> Should GIC play a role in this effort?
 +
*CW - other OWASP leaders already involved including Dave Wichers and John Wilander (with Developers Group), not sure the GIC has the bandwidth to take this on.
 +
*JB - table this discussion for later.
 +
 
 +
 
 +
===National Volunteer Week===
  
 
* April 10-16 is National Volunteer Week --  What can the GIC do to leverage this and promote our efforts? How can we raise awareness of the great things we are doing globally?
 
* April 10-16 is National Volunteer Week --  What can the GIC do to leverage this and promote our efforts? How can we raise awareness of the great things we are doing globally?
 +
**The OWASP Foundation is a 99.9% volunteer driven organization!  Let’s take this time to recognize those volunteers who have dedicated their time and talent to making the universe safer for the rest of us.
 +
**Stats: Mailing list of 25,000,  135 active projects, 70 active chapters globally, volunteer organized conferences on every continent, committees, influencing education and government
 +
*SB - All committee members are encouraged to use this opportunity to promote OWASP as well as the GIC -- blog, tweet and whatever other social media you use can be a chance to spread the word.
 +
*No comments from other committee members.
 +
 +
===Open Form===
 +
 +
*No other new business or comments.
 +
 +
 +
==Next Meeting==
 +
TBD
 +
* +1 877 534 8500 or International +1 513 534 8500
 +
* Passcode 410105 #
 +
 +
 +
==Summary==
 +
===Post-Meeting Deliverables for SB===
 +
*SB to follow up and get list of attendees from Fabio and Eoin, from there we can figure out who to get involved/invite for breakout sessions.
 +
*SB to send out email regarding new GIC mission statement to committee members for an official vote.
 +
*SB to format version of GCC's committee governance doc for GIC and send out for comment and vote.
 +
*SB - to follow up with Lucas let him know that we understand he is following up with other Brazilian chapters, in the mean time GIC will circulate document. We hope to have a unified statement /support to provide the document soon.
 +
 +
===Deliverables for others===
 +
 +
* NK has agreed to put together a ppt for the GIC to use in outreach efforts.  She is looking for feedback on what committee members want in the presentation, and will follow up with an email to the GIC.  Also, after she puts together a finished product in the upcoming weeks, she will send a draft to rest of committee for review.
 +
*RB to send out Survey Project Plan to GIC in the next couple weeks.
 +
*All Committee Members
 +
**Review (if have not already) Lucas Ferreira's Open Letter to Brazilian Government
 +
**Consider/come up with ideas what GIC or OWASP can offer as a ROI to potential corporate sponsors such as Google.
 +
**Consider new Committee Governance Plan
 +
**Vote on new GIC mission Statement
  
The OWASP Foundation is a 99.9% volunteer driven organization!  Let’s take this time to recognize those volunteers who have dedicated their time and talent to making the universe safer for the rest of us.
+
===Update: Record of Mission Statement Vote===
 +
Vote yes or no to adopt new mission statement for GIC.
 +
* Joe Bernik- YES
 +
* Lorna Alamri- <no vote received>
 +
* Rex Booth-YES
 +
* Georg Hess-<no vote received>
 +
* Eoin Keary-Yes
 +
* David Campbell-YES
 +
* Colin Watson - YES
 +
* Alexander Fry-YES
 +
*Nishi Kumar-YES
 +
*Mauro Flores-YES
 +
*Mateo Martinez-YES
  
Stats: Mailing list of 25,000,  135 active projects, 70 active chapters globally, volunteer organized conferences on every continent, committees, influencing education and government
+
Return to [[Global Industry Committee]] or [[Global Committee Pages]].

Latest revision as of 22:39, 12 April 2011

Contents

Roll Call

Global Industry Committe Call: April 8, 2011 at 16:00 UTC/GMT

Present:

  • Joe Bernik (Chair)
  • Sarah Baso (Secretary)
  • Nishi Kumar
  • David Campbell
  • Kate Hartmann (OWASP Director of Operations)
  • Rex Booth
  • Lorna Alamri
  • Mateo Martinez
  • Colin Watson


Absent:

  • Mauro Flores
  • Georg Hess
  • Eoin Keary
  • Alexander Fry


Discussion, Action, Results

Budget Update

  • SB - Board approved 1/2 of our budget ($24,500) on Monday's meeting and will decide on the other half within a couple of weeks.


AppSecEU

  • SB - Industry Committee hosting industry breakout sessions. Who is going from GIC? Who do we need to send invites out to? What is our game plan?
  • CW and EK already attending. RB, NK, and LA are all interested in attending if GIC will sponsor.
  • JB - we should plan on sending RB and NK based on their current Industry iniatives (CISO survey and GIC outreach presentation). We could maybe send LA depending on her proposed ROI. JB and LA to have follow-up conversation on this.
  • SB to follow up and get list of attendees from Fabio and Eoin, from there we can figure out who to get involved/invite for breakout sessions.


OWASP Panel at Brighttalk AppSec Summit

  • DC participated in panel talking about OWASP along with Justin Clarke, Dennis Grove, and Derek Brink - approx. 80 attendees and session is archived online and available for those who want to check it out.
  • NKhas agreed to put together a ppt for the GIC to use in outreach efforts. She is looking for feedback on what committee members want in the presentation, and will follow up with an email to the GIC. Also, after she puts together a finished product in the upcoming weeks, she will send a draft to rest of committee for review.


Surveys

  • Monthly subscription to SurveyMonkey has been purchased for $23.99/month. We expect to continue with this for 6 months to post the GASS survey put together by EK. SB has posted this survey to SurveyMonkey and is awaiting feedback from EK before sending it to rest of committee for review.
  • RB is putting together another survey based on idea started at the Global Summit in Portugal. This survey is CISO focused and will be delivered during face time with various industry personnel (seeking to utilize opportunities we wouldn't otherwise have).
  • RB is in the process of putting together a project plan and will send to GIC in the next couple of weeks. The survey itself is more long term (not a month or two).
  • RB's employer - Grant Thornton - has offered to sponsor the survey. They will pay to be an organizational/corporate OWASP sponsor ($5000 of which the GIC will receive 40% or $2000). Also Grant Thornton will be responsible for the back end analysis - delivering the results and outcomes publication. In exchange they would like their logo on the front cover of the survey. For an example see Aspect Security's sponsorship of the ESAPI project.
  • No committee member concerns vocalized at this time.
  • RB will follow up with Kate Hartmann on payment logistics and possible contract/agreement with Grant Thornton.


Other Organizational Supporters

  • DC spoke with a contact regarding possibility of Google becoming a OWASP corporate sponsor. With Grant Thornton's corporate sponsorship, there is a clear tangible value for the sponsorship, but what can OWASP or the GIC provide/offer to Google as a ROI. The GIC needs to think about what we could offer Google and other companies who we want to bring in as sponsors and hope to get involved in the organization. $5000 is a relatively small amount for these orgs and we should not be shy about asking them to support.
  • Committee should think about this and we will discuss further at next meeting.


New GIC Member

  • NK was previously approved as GIC committee member, she has resigned from GEC so now can be an official voting member of GIC. Please welcome her!


New GIC Mission Statement

  • SB - we need to have a vote on the new GIC mission statement: To expand the engagement of OWASP and its mission amongst the public and private sector verticals, through outreach; including presentations, development of position papers and collaborative efforts. The Global Industry Committee serves as the voice of OWASP within the public and private sector and the channel through which OWASP aligns its efforts to the demands of the market.
  • SB to send out email to committee members for an official vote.


Committee Governance

  • SB - The Conferences Committee has put together a basic committee governance structure: http://www.owasp.org/index.php/Global_Conferences_Committee_Governance Can we adopt a slightly modified (to fit the GIC's initiatives) version? What changes would people like to see?
  • NK put together a version of this for the Education Committee and thinks it is a good idea for us to follow this same model.
  • SB to format version for GIC and send out to Committee for comment and vote.


Lucas Ferreira's Open Letter to the Brazilian Government


FSIAC Summit

  • FSISAC Summit - May 2. JB plans to attend and arrive a day early to promote OWASP and the GIC mission. He will follow up after the event with the committee.

Jeff Williams' email on outreach to other communities

  • Jeff's email to OWASP leaders yesterday re: Outreach --> Should GIC play a role in this effort?
  • CW - other OWASP leaders already involved including Dave Wichers and John Wilander (with Developers Group), not sure the GIC has the bandwidth to take this on.
  • JB - table this discussion for later.


National Volunteer Week

  • April 10-16 is National Volunteer Week -- What can the GIC do to leverage this and promote our efforts? How can we raise awareness of the great things we are doing globally?
    • The OWASP Foundation is a 99.9% volunteer driven organization! Let’s take this time to recognize those volunteers who have dedicated their time and talent to making the universe safer for the rest of us.
    • Stats: Mailing list of 25,000, 135 active projects, 70 active chapters globally, volunteer organized conferences on every continent, committees, influencing education and government
  • SB - All committee members are encouraged to use this opportunity to promote OWASP as well as the GIC -- blog, tweet and whatever other social media you use can be a chance to spread the word.
  • No comments from other committee members.

Open Form

  • No other new business or comments.


Next Meeting

TBD

  • +1 877 534 8500 or International +1 513 534 8500
  • Passcode 410105 #


Summary

Post-Meeting Deliverables for SB

  • SB to follow up and get list of attendees from Fabio and Eoin, from there we can figure out who to get involved/invite for breakout sessions.
  • SB to send out email regarding new GIC mission statement to committee members for an official vote.
  • SB to format version of GCC's committee governance doc for GIC and send out for comment and vote.
  • SB - to follow up with Lucas let him know that we understand he is following up with other Brazilian chapters, in the mean time GIC will circulate document. We hope to have a unified statement /support to provide the document soon.

Deliverables for others

  • NK has agreed to put together a ppt for the GIC to use in outreach efforts. She is looking for feedback on what committee members want in the presentation, and will follow up with an email to the GIC. Also, after she puts together a finished product in the upcoming weeks, she will send a draft to rest of committee for review.
  • RB to send out Survey Project Plan to GIC in the next couple weeks.
  • All Committee Members
    • Review (if have not already) Lucas Ferreira's Open Letter to Brazilian Government
    • Consider/come up with ideas what GIC or OWASP can offer as a ROI to potential corporate sponsors such as Google.
    • Consider new Committee Governance Plan
    • Vote on new GIC mission Statement

Update: Record of Mission Statement Vote

Vote yes or no to adopt new mission statement for GIC.

  • Joe Bernik- YES
  • Lorna Alamri- <no vote received>
  • Rex Booth-YES
  • Georg Hess-<no vote received>
  • Eoin Keary-Yes
  • David Campbell-YES
  • Colin Watson - YES
  • Alexander Fry-YES
  • Nishi Kumar-YES
  • Mauro Flores-YES
  • Mateo Martinez-YES

Return to Global Industry Committee or Global Committee Pages.