Difference between revisions of "Industry:Minutes 2011-05-13"

(Created page with "==Agenda Friday, May 15 2011 Meeting== ===Open GIC Action Items=== *GIC working session at AppSec EU - do we have a day and time nailed down? Who are we inviting? *OWASP Awar...")
 
Line 1: Line 1:
==Agenda Friday, May 15 2011 Meeting==
+
==Agenda Friday, May 13 2011 Meeting==
  
===Open GIC Action Items===
+
===Information on GIC Working Sessions at AppSec EU===
 +
*3 sessions on Friday, June 10 2011 (second day of the conference)
 +
**1st session:GIC Outreach Presentation 10:15-11:00 am, presented by Nishi Kumar<br/>The purpose for this session is to help organizations understand why application security is important and how OWASP can help in making their applications more secure. It will give them an opportunity to learn what documentation, training, architecture, tools and infrastructure is available. The best part is all these materials are free. OWSAP provides the solution for their application security needs. We are also looking to improve collaboration by helping get more organization participating in OWASP projects. This will help us ensure that we account for the various needs of industry and develop well vetted best practices.<br/>[http://code.google.com/p/owasp-cbt-project/downloads/list Security For Managers And Executives - Industry Outreach Presentation ]&nbsp;
 +
**2nd session: Gathering Information - Industry CISO Survey 12:05-12:50 pm, presented by Rex Booth
 +
**3rd session: Industry Roundtable discussion 3:00-3:45 pm, presented by Sarah Baso with remote participation by Joe Bernik<br/>Discussion format based on questions such as: How can GIC become more relevant and work to achieve a better working relationship with industry verticals? What ROI would companies find valuable when sponsoring/supporting OWASP?
  
 +
*Goal(s) of the GIC sessions at AppSec EU: As also discussed on the last two calls is to overall work toward achieving the GIC's 2011 committee initiatives -- most importantly 1) Engage in discussion with the appsec community (and various industry verticals) to learn how GIC can become more relevant in the context of Industry.  2) Communicate with people not currently involved in OWASP about what OWASP and OWASP Tools can offer their organizations and determine what things are not currently being offered to them that would make them interested in sponsoring/supporting OWASP.
  
*GIC working session at AppSec EU - do we have a day and time nailed down? Who are we inviting?
+
*Eoin also will be rolling out his GASS Survey (on survey monkey) during the conference and we hope to work that in to one of the sessions.
 +
 
 +
===Discussion items for Call===
 +
*AppSec EU working sessions
 +
**Thoughts on who we can send invitations out to for the GIC working sessions?
 +
**How can we incentivize attendance at these sessions (or mitigate any opportunity cost for attendees)?
 +
**What questions (if any) should be included in the roundtable discussion?
 +
**Update from Nishi on her presentation and session
 +
**Update from Rex on his CISO survey and session
 
*OWASP Awards for AppSec USA - what and who?  
 
*OWASP Awards for AppSec USA - what and who?  
*Ideas for what GIC or OWASP can offer as a ROI to potential corporate sponsors
 
 
*Joe Bernik - feedback from FS-ISAC conference
 
*Joe Bernik - feedback from FS-ISAC conference
 
*Rex Booth - Status update on CISO survey project plan: type of information we are trying to elicit, some of the initial drafts of the questions
 
* Nishi Kumar - Status update on slide show for GIC outreach
 
 
 
===New Items===
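
Review bot: the added "1st session" line misspells OWASP as "OWSAP" and reads "more organization participating" where "more organizations participating" is meant; both should be corrected before this revision is saved. The added "Goal(s) of the GIC sessions" bullet is also hard to parse: "As also discussed on the last two calls is to overall work toward" has no subject, so state the goal first and move the reference to the earlier calls into a separate clause. The heading date change from May 15 to May 13 matches the page title, but the edit summary still quotes the old heading.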
 

Revision as of 19:25, 12 May 2011

Agenda Friday, May 13 2011 Meeting

Information on GIC Working Sessions at AppSec EU

  • 3 sessions on Friday, June 10 2011 (second day of the conference)
    • 1st session: GIC Outreach Presentation 10:15-11:00 am, presented by Nishi Kumar
      The purpose of this session is to help organizations understand why application security is important and how OWASP can help make their applications more secure. It will give them an opportunity to learn what documentation, training, architecture, tools and infrastructure are available. The best part is that all these materials are free. OWASP provides the solution for their application security needs. We are also looking to improve collaboration by helping get more organizations participating in OWASP projects. This will help us ensure that we account for the various needs of industry and develop well-vetted best practices.
      Security For Managers And Executives - Industry Outreach Presentation  
    • 2nd session: Gathering Information - Industry CISO Survey 12:05-12:50 pm, presented by Rex Booth
    • 3rd session: Industry Roundtable discussion 3:00-3:45 pm, presented by Sarah Baso with remote participation by Joe Bernik
      Discussion format based on questions such as: How can GIC become more relevant and work to achieve a better working relationship with industry verticals? What ROI would companies find valuable when sponsoring/supporting OWASP?
  • Goal(s) of the GIC sessions at AppSec EU: As discussed on the last two calls, the overall goal is to work toward achieving the GIC's 2011 committee initiatives, most importantly: 1) Engage in discussion with the appsec community (and various industry verticals) to learn how GIC can become more relevant in the context of Industry. 2) Communicate with people not currently involved in OWASP about what OWASP and OWASP Tools can offer their organizations, and determine what is not currently being offered to them that would make them interested in sponsoring/supporting OWASP.
  • Eoin will also be rolling out his GASS Survey (on SurveyMonkey) during the conference, and we hope to work that into one of the sessions.

Discussion items for Call

  • AppSec EU working sessions
    • Thoughts on who we can send invitations out to for the GIC working sessions?
    • How can we incentivize attendance at these sessions (or mitigate any opportunity cost for attendees)?
    • What questions (if any) should be included in the roundtable discussion?
    • Update from Nishi on her presentation and session
    • Update from Rex on his CISO survey and session
  • OWASP Awards for AppSec USA - what and who?
  • Joe Bernik - feedback from FS-ISAC conference