OWASP CISO Survey Project
OWASP CISO Survey and Report
Among application security stakeholders, Chief Information Security Officers (CISOs),are responsible for application security from governance, compliance and risk perspectives. The OWASP CISO Survey provides tactical intelligence about security risks and best practices to help CISOs manage application security programs according to their own roles, responsibilities, perspectives and needs.
And the latest release is here OWASP CISO Survey
New CISO Survey 2014 Questionnaire is out!
Please help us and share it with your security manager to fill it out Questionnaire is available in:
Questions and getting involved
If you have questions or like to actively support and participate in this project, please join the project mailing list or feel free to send an email to the project lead at tobias.gondrom (at) owasp.org.
The OWASP CISO Survey Report is free to use. It is licensed under the http://creativecommons.org/licenses/by-sa/3.0/ Creative Commons Attribution-ShareAlike 3.0 license], so you can copy, distribute and transmit the work, and you can adapt it, and use it commercially, but all provided that you attribute the work and if you alter, transform, or build upon this work, you may distribute the resulting work only under the same or similar license to this one.
© OWASP Foundation
The CISO Survey Report 2013 includes:
News and Events
This project can be purchased as a print on demand book from Lulu.com.
Currently under Discussion
Draft of CISO Survey 2014 Questionnaire
old version 2013
Here you can find the draft for the old version in 2013 (note this is not identical with the final released version). Industry:GIC_CISO_Survey_2013
As of January 2014, the priorities are:
- Announce and promote v1.0 at AppSec APAC, EU and US and CISO events
- Gain support and additional contributors
- Initiate the next version 2014 and secure to reach out to a larger audience
Involvement in the development and promotion of the CISO Survey Report is actively encouraged. You do not have to be a security expert in order to contribute. Some of the ways you can help:
- Review the text
- Graphical design for the report and diagrams
- Send out Survey to the Security Manager Community
- Data Analysis
- Begin 2013: Send out Survey
- Sep-30, 2013: Close Survey - done
- Oct 2013: analyze data and write report
- Jan 2014: release of the CISO report 2013
- May 2014: prepare the next revision of the CISO survey
- June 2014: start sending out questionnaires
- September 2014: Close Survey 2014
- Oct 2014: Analyze Data and write report
- Dec 2014: release CISO report 2014
Please participate through the project's mailing list.
Contributors for the CISO Survey 2014
The CISO Survey 2014 was authored, edited and reviewed by a worldwide team of volunteers.
For translation and support promoting the questionnaire
Volunteers for the CISO Survey 2013
The CISO Survey 2013 was authored, edited and reviewed by a worldwide team of volunteers.
And many more helping hands from OWASP chapters around the world and the former Global Industry Committee, providing input, designing questions, translating and sending out the survey questions around the globe. Thank you all! We couldn't have done it without you!
(As this was a great team effort of many hands over a long period of time, if I forgot someone, I apologize and please just drop me a message so I can add you to the list...)
(if you can help us send out the questionnaire to your contact base, so that we can reach a broader population of CISOs, you are invited to join the team and your company can be listed as one of the contributors to the project. (to place your logo as sponsor organization please see sponsorship opportunities below) (in alphabetical order)
We thank specially thank our project sponsors. Their donations help us make this again a high quality report for the year 2014:
| PROJECT INFO
What does this OWASP project offer you?
| RELEASE(S) INFO|
What releases are available for this project?