[Global_conference_committee] GCC VOTE: GCC 2011 Plan

Ralph Durkee rd at rd1.net
Mon Dec 13 10:14:41 EST 2010


I added some edits and comments in blue , most of it was along the lines
of what has been discussed.  Resend, due to list problems. Sorry if it's
a duplicate.

-- Ralph

On 12/12/2010 4:24 PM, Mark Bristow wrote:
> GCC Members,
>
> Based on friday's meeting, I've slightly modified the plan (mainly
> around the travel initiative).  I'd like for us to vote on and approve
> this plan.  We will go with 50% + 1 Voting model.
>
> If approved, I will parse out the changes we need to take to the
> board, and provide to them (via Kate) these items (such as budget and
> signature authority).
>
> Mark Bristow: Approve
> John Wilander: 
> Lucas Ferreira: 
> Richard Greenberg: 
> Ralph Durkee: 
> Neil Matatall: 
> Cassio Goldschmidt: 
>
> ==========
> Goals
>
>    1. Have a Global Appsec in NA, SA,
>
>       EU, Asia in 2011
>    2. Promote OWASP
>
>       Projects/Initiatives at OWASP Conferences
>    3. Enhance Services for Conference
>
>       Planners
>    4. Reach out to developers (have
>
>       20% of attendees in a dev position)
>    5. Reach out to non-members (have
>
>       70% of attendees at cons non-members)
>    6. Bring more into the fold
>
>       (Generate 300 new/renewed members at conferences)
>    7. Streamline Sponsorships (Global
>
>       Conference Sponsors, Targeted Conference Sponsors)
>    8. Revise GCC Governance
>    9. Have a profit of $200k in 2011
>
>       across all conferences
>
>
>
> Policy
>
> Changes
>
>     * Change
>
>       Conference Types to include:
>           o OWASP Global AppSec
>
>             Conferences (Currently AppSec Conferences)
>           o OWASP AppSec Conferences (*Title* can only be
>
>             used by global cons, and by conferences who have
>
>             already used this name twice by the end of 2011,
>
>             moving forward, only new Global AppSecs can use this
>
>             name)
>           o OWASP Regional/Theme
>
>             Conference (currently Regional, *DROP *all regional cons
>
>             will now have to have a unique theme,
>
>             development, PHP, Government, Browsers …..)
>     * GCC
>       Member attendance at
>
>       conferences Global AppSec and Regional/Theme level cons
>
>       (as available by GCC members and budget)
>           o GCC Representative shall not
>
>             be intimately involved with the conference planning to
>
>             provide an objective assessment.
>           o Members will have the
>
>             opportunity to request travel to scheduled events and
>
>             travel will be assigned based on proximity to the
>
>             event, cost and member availability.
>           o Travel policy to be defined
>
>             under new governance document
>           o GCC member shall interface
>
>             with the local planning committee at least 1 month
>
>             before trip (attend planning call)
>           o Interact with
>
>             planners/attendees while at conference
>           o At the next GCC meeting the
>
>             traveling member will be expected to provide an post
>
>             trip report covering
>                 + Assessment of
>
>                   facility
>                 + Event
>
>                   Marketing Strategy
>                 + Examination
>
>                   of Event Budget
>                 + Estimation
>
>                   of Speaker Quality
>
                * Talk to Sponsors, Is it a quality and cost-effective
                  event from their perspective?
                * Talk to Attendees?

>                 + Any
>
>                   notable comments from planners/attendees
>                 + Any
>
>                   unique outstanding elements
>                 + Any
>
>                   issues
>     * GCC
>       Member signature authority
>
>       for OWASP (Leverage By-Lawys Article VI Section 1 -
>
>       Designate as Agent)
>           o Alleviate need of OWASP Board
>
>             to sign contracts (currently a significant bottleneck)
>           o All conference related
>
>             contracts will be required to go through the GCC
>           o In general will be
>
>             responsibility of Chair, however all committee members
>
>             shall be authorized to sign on conference business (no
>
>             single point of failure)
>           o GCC members will not be
>
>             permitted to sign contracts for conferences they
>
>             organize (except when signature is required
>
>             immediately)
>           o Requires Board Vote (*This sweems a little out of place,
>
>             I would assume the whole goverance would go to the
>
>             board)*
>     * All
>       OWASP Branded events MUST
>
>       use conference mgmt system to use brand (must be
>
>       enforced)Local chapter events use
>
>       the brand, I don't think we can or should state this
>
>       so broadly)
>           o See initiatives *( I think we want to hold out on
>
>             the MUST for this until we have shown we have a
>
>             good process)*
>           o It’s important to manage the
>
>             schedule and enforce brand management
>           o Any conference not registered
>
>             & approved will receive no funds or support (This is only
>             part that's do-able
>
>             upfront.)
>     * All
>       Global AppSec and
>
>       Regional/Theme conferences must have OWASP Track (Change to
>       encourage for regional and
>
>       themed comferemces)
>           o See Initiatives, joint venture
>
>             with Projects Committee
>
>
>
> Initiatives
>
>     * OWASP
>
>       Conference management system (Goal 1, 3)
>           o We need a system to take in
>
>             applications for events, vett them, approve them, and
>
>             schedule them.  The current process of people emailing
>
>             Kate, Me or the board is not acceptable with the
>
>             number of events we have
>           o I see this as critical to
>
>             establishing control over the OWASP schedule and is a
>
>             top priority
>     * OWASP
>       AppSec Track (Goal 2)
>           o Partnership with projects
>
>             committee
>           o Have a cadre of speakers,
>
>             ready to go with presentations about OWASP
>
>             projects/activities
>           o Encourage
>
>             all OWASP Regional and AppSec events to have an
>
>             “OWASP Track” of at least 6 presentations from this
>
>             pool, managed, selected, and funded by the GCC and the
>
>             GPC
>     * OWASP
>       Global Con Sponsors (Goal
>
>       3, 7)
>           o Provide unified sponsorships
>
>             for the Global AppSec Conferences
>           o Split revenues among
>
>             individual conferences budget
>           o Streamlines our sponsorships
>           o Does not interfere with
>
>             existing conference sponsorships
>     * Central
>       conference support
>
>       services  (Goal 3)
>           o Investigate for-hire
>
>             international conference support companies
>           o Investigate costs for hiring
>
>             conference organizer
>           o Get board approval
>     * Conference
>       Marketing (Goal 3)
>           o OWASP Conference Twitter
>
>             accounts
>           o OWASP Conference Domain Names
>                 + Register Names
>
>                   only
>                 + http://www.AppSecNA.org
>                 + http://www.AppSecUS.org
>                 + http://www.AppSecEU.org
>                 + http://www.AppSecAsia.org
>                 + http://www.AppSecSA.org <http://www.appsecsa.org/>
>                 + If
>
>                   already owned by a conference, buy them out/transfer
>                   to GCC
>
>                   Control
>                 + GCC
>
>                   will re-direct to any hosting service once the
>
>                   conference has been assigned
>                 + Conference
>
>                   can still register AppSecUS2011.org and we can just
>
>                   redirect as appropriate
>                 + Helps
>
>                   maintain consistency in URLs between years
>           o Conference Twitter Accounts
>                 + Like domains,
>
>                   turned over to planners for their use as appropriate
>                 + @OWASPConfrences
>
>                   – held by the GCC for announcements
>                 + @OWASPAppSec
>
>                   – held by the GCC for announcements
>                 + @AppSecNA
>                 + @AppSecUS
>                 + @AppSecEU
>                 + @AppSecAsia
>                 + @AppSecSA
>           o Use of Short URLS on the owasp.org <http://owasp.org>
>
>             website
>                 + ex https://owasp.org/AppSecBR
>
>                   points to the wiki page for this year’s conference
>           o Regional Targeted Mailing
>
>             Lists
>                 + To reduce OWASP
>
>                   All traffic
>     * OWASP
>       Merchandise Model(Goal 3,
>
>       Goal9)
>           o A shippable “OWASP Store” with
>
>             OWASP branded items for sale at conferences
>           o Already exists, just need to
>
>             formalize
>     * OWASP
>       Conference Marketing
>
>       (global, regional, electronic, print) (Goal 4,5,6)
>           o Procure Booth space at
>
>             developer focused conferences
>           o Provide budget for OWASP
>
>             Schwag for use at OWASP Booths in other conferences
>           o Evaluate other advertising
>
>             mechanisms for conferences
>
>
>
> Budget
>
>     * $5000 for conference support
>
>       (schwag/tables) targeting developer conferences
>     * $500 OWASP GCC Technology Needs
>           o Mainly
>             Domain Names
>     * $15,000, OWASP Track Travel
>
>       expenses (cap, will try and get indv company
>
>       sponsorships)
>     * $10,000 GCC Member at all
>
>       conferences (approx $1500/AppSec, $800 Regional)
>
>
>
> Technology
>
> Needs
>
>     * conferences at owasp.org <mailto:conferences at owasp.org> account
>       (managed by chair,
>
>       redirects to all GCC Members, for registration of
>
>       domains, twitter et all)
>     * Regional Mailing List solution
>     * Short URLS (http://www,owasp.org/AppSecBR
>       <http://owasp.org/AppSecBR>)
>     * http://conferences.owasp.org
>       <https://docs.google.com/a/owasp.org/document/d/1sOs9dY9zKLlLaaJMcOvz2nhM8T2OAWQlVciAGM5c5XA/edit?hl=en> (redirect
>       to conference wiki
>
>       page)
>     * Event Management Solution
>     * Conference Twitter/Email
>
>       Accounts/domain names
>    *
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/global_conference_committee/attachments/20101213/b41204cd/attachment-0001.html 


More information about the Global_conference_committee mailing list