[Global_industry_committee] New GIC members

David Campbell dcampbell at owasp.org
Mon Nov 23 10:31:31 EST 2009


Me too

On Nov 22, 2009, at 6:37, Rex Booth <rex.booth at owasp.org> wrote:

> I support this.
>
> On Nov 21, 2009, at 11:09 AM, Eoin <eoin.keary at owasp.org> wrote:
>
>> I mentioned this to Colin during the Summit. I am happy for him to  
>> lead also.
>>
>>
>> 2009/11/21 Tom Brennan - OWASP <tomb at owasp.org>
>> Thanks for adding this Colin.
>>
>> One of the items from the Summit is identification of a committee  
>> chair.  With your efforts thus far in 2009 I would like to NOMINATE  
>> you from withing our group to that role (others.. do you support  
>> this?)  Moving forward, that role is welcomed to hand the torch off  
>> to anyone else on the committee at any time should they wish to  
>> recognize leadership, effort or as a result of lack of time and we  
>> can use the annual summit as a get together as we did this year.
>>
>> As we figure this out together as a committee....  there are (2)  
>> items that we are evolving;
>>
>> (these are my thoughts and I welcome debate on this or agreement,  
>> then we do it)
>>
>> What we have now =  http://www.owasp.org/index.php/Global_Industry_Committee
>>
>> Our charter has been ( taken from the following page: http://www.owasp.org/index.php/Global_Committee_Pages 
>> )
>> Industry
>>
>> Start outreach to critical infrastructures worldwide such as:
>> electricity generation, transmission and distribution;
>> gas production, transport and distribution;
>> oil and oil products production, transport and distribution;
>> telecommunication;
>> water supply (drinking water, waste water/sewage, stemming of  
>> surface water (e.g. dikes and sluices));
>> agriculture, food production and distribution;
>> heating (e.g. natural gas, fuel oil, district heating);
>> public health (hospitals, ambulances);
>> transportation systems (fuel supply, railway network, airports,  
>> harbors, inland shipping);
>> financial services (banking, clearing);
>> security services (police, military).
>> ...they all use web applications...some even protect human life as  
>> well as PII and credit cards :)
>>
>> Identify issues or "efforts" like the Browser Working Group and  
>> others, the group should invite Industry CIO/CISO's (perhaps as a  
>> "value" of corporate membership support) to want to publicly  
>> collaborate on a document of industry needs that can add value to  
>> having the support of OWASP Foundation for the greater good of  
>> secure software, a internet based global economic platform and  
>> humanitarian needs worldwide
>> So as we continue to evolve this means;
>>
>> * Industry Outreach - Providing a mechanism to collect the  
>> requirements of industry and be a unified voice for the consumer  
>> (business or end-user) of web application. This requires SIG  
>> (special interest groups) with appointments to roles. Example:  If  
>> my pal Richard Branson CEO of Virgin Airlines wanted to be a  
>> industry adviser for OWASP to support and add his creditability to  
>> the mission, that is a "token" role + with mutual acceptance this  
>> type of thing would give us access to a industry vertical (airlines  
>> example) and we could collect data from that segment from our  
>> conduits and additional supporting corporations so they can have a  
>> voice to the example framework, browser, governments etc... (could  
>> you see Dinis on Capital Hill or in Parliament talking about OWASP  
>> hahahaha)  We have already had several folks accept agree to help  
>> us with this industry movement that can also help serve the bigger  
>> picture of owasp mission. One thing that you will fid with such  
>> appointments is that you don't just get (1) person with a big  
>> title... typically you get that person and a team within that  
>> persons world to drive a measurable task that they are responsible  
>> for.  This also serves as a conduit for owasp connections people-to- 
>> people.
>>
>> * Industry Injection - Providing input and feedback to influence  
>> the documentation, policies pretty obvious to point out  
>> accomplishments thus far such as http://www.owasp.org/index.php/Global_Industry_Committee#Completed_Items 
>>  in addition to best practices and information provided to the  
>> world that we are already doing projects/papers etc...  The more  
>> the better actually and  we can drive this with a task force /  
>> tiger team / group of people that wish to focus on a single  
>> measurable effort together and OWASP can justify this by doing a  
>> working group of XX people to spend time together to knock out a  
>> task.  This was of course the primary focus in 2009 to get us  
>> reference materials as we continue.
>>
>> So...  the 1st edit of http://www.owasp.org/index.php/Global_Committee_Pages 
>>  that I did was to add Special Interest Group and adding of Jim,  
>> Jim and Joe that were conceived to facilitate outreach to industry.  
>> This morning morning looked at it again and noted your change of  
>> the India Board, http://www.owasp.org/index.php/OWASP_India_Advisory_Board 
>> .   I see this as a regional group of people focused on a region of  
>> the world.
>>
>> So we have to make a choice.
>>
>> On the Committee Page we do we add buckets by special interest  
>> group/industry vertical type globally OR do we break it out by  
>> regions of the world and then SIG's special interest group/industry  
>> vertica within the region of the world.
>>
>> It would seem that it should be Global Industry Committee /   
>> Regional Industry Committee / Special Interest Group / Vertical  
>> would you guys agree?
>>
>> Once we have a revised and agreed plan we can then start pulling  
>> all the people together, not trying to make it complex rather a  
>> structure that can allow us to plug in energy and a mechanism that  
>> can scale out of the gate.
>>
>> Finally - the OWASP-CRM project should be live by 12/15 and we will  
>> be able to start using it for this purpose as well http://www.owasp.org/index.php/Category:OWASP_CRM_Project
>>
>> Thoughts discussion?
>>
>> hit me up on skype (jinxpuppy) to discuss more.
>>
>>
>>
>>
>>
>> On Sat, Nov 21, 2009 at 5:01 AM, Colin Watson  
>> <colin.watson at owasp.org> wrote:
>> Three new GIC members added to:
>>
>> http://www.owasp.org/index.php/Global_Committee_Pages
>> http://www.owasp.org/index.php/Global_Industry_Committee
>>
>> Colin
>>
>> 2009/11/19 Tom Brennan - OWASP <tomb at owasp.org>:
>> > Simply add them to the page - people are volunteering to give  
>> time and
>> > energy - lets not make it complicated to do so.
>> >
>> > Then when they take on a task, that is how we measure  
>> effectiveness.
>>
>>
>>
>> -- 
>> Tom Brennan
>> http://www.linkedin.com/in/tombrennan
>> (973) 506-9303
>>
>> _______________________________________________
>> Global_industry_committee mailing list
>> Global_industry_committee at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/global_industry_committee
>>
>>
>>
>>
>> -- 
>> Eoin Keary
>> OWASP Board Member
>> OWASP Code Review Guide Lead Author
>> OWASP Ireland Chapter Lead
>> OWASP Global Committee Member (Industry)
>>
>> http://asg.ie/
>> https://twitter.com/EoinKeary
>> _______________________________________________
>> Global_industry_committee mailing list
>> Global_industry_committee at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/global_industry_committee
> _______________________________________________
> Global_industry_committee mailing list
> Global_industry_committee at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/global_industry_committee
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/global_industry_committee/attachments/20091123/a05cc7a4/attachment.html 


More information about the Global_industry_committee mailing list