[Global_conference_committee] GCC VOTE: GCC 2011 Plan
Ralph Durkee
rd at rd1.net
Mon Dec 13 10:14:41 EST 2010
I added some edits and comments in blue , most of it was along the lines
of what has been discussed. Resend, due to list problems. Sorry if it's
a duplicate.
-- Ralph
On 12/12/2010 4:24 PM, Mark Bristow wrote:
> GCC Members,
>
> Based on friday's meeting, I've slightly modified the plan (mainly
> around the travel initiative). I'd like for us to vote on and approve
> this plan. We will go with 50% + 1 Voting model.
>
> If approved, I will parse out the changes we need to take to the
> board, and provide to them (via Kate) these items (such as budget and
> signature authority).
>
> Mark Bristow: Approve
> John Wilander:
> Lucas Ferreira:
> Richard Greenberg:
> Ralph Durkee:
> Neil Matatall:
> Cassio Goldschmidt:
>
> ==========
> Goals
>
> 1. Have a Global Appsec in NA, SA,
>
> EU, Asia in 2011
> 2. Promote OWASP
>
> Projects/Initiatives at OWASP Conferences
> 3. Enhance Services for Conference
>
> Planners
> 4. Reach out to developers (have
>
> 20% of attendees in a dev position)
> 5. Reach out to non-members (have
>
> 70% of attendees at cons non-members)
> 6. Bring more into the fold
>
> (Generate 300 new/renewed members at conferences)
> 7. Streamline Sponsorships (Global
>
> Conference Sponsors, Targeted Conference Sponsors)
> 8. Revise GCC Governance
> 9. Have a profit of $200k in 2011
>
> across all conferences
>
>
>
> Policy
>
> Changes
>
> * Change
>
> Conference Types to include:
> o OWASP Global AppSec
>
> Conferences (Currently AppSec Conferences)
> o OWASP AppSec Conferences (*Title* can only be
>
> used by global cons, and by conferences who have
>
> already used this name twice by the end of 2011,
>
> moving forward, only new Global AppSecs can use this
>
> name)
> o OWASP Regional/Theme
>
> Conference (currently Regional, *DROP *all regional cons
>
> will now have to have a unique theme,
>
> development, PHP, Government, Browsers …..)
> * GCC
> Member attendance at
>
> conferences Global AppSec and Regional/Theme level cons
>
> (as available by GCC members and budget)
> o GCC Representative shall not
>
> be intimately involved with the conference planning to
>
> provide an objective assessment.
> o Members will have the
>
> opportunity to request travel to scheduled events and
>
> travel will be assigned based on proximity to the
>
> event, cost and member availability.
> o Travel policy to be defined
>
> under new governance document
> o GCC member shall interface
>
> with the local planning committee at least 1 month
>
> before trip (attend planning call)
> o Interact with
>
> planners/attendees while at conference
> o At the next GCC meeting the
>
> traveling member will be expected to provide an post
>
> trip report covering
> + Assessment of
>
> facility
> + Event
>
> Marketing Strategy
> + Examination
>
> of Event Budget
> + Estimation
>
> of Speaker Quality
>
* Talk to Sponsors, Is it a quality and cost-effective
event from their perspective?
* Talk to Attendees?
> + Any
>
> notable comments from planners/attendees
> + Any
>
> unique outstanding elements
> + Any
>
> issues
> * GCC
> Member signature authority
>
> for OWASP (Leverage By-Lawys Article VI Section 1 -
>
> Designate as Agent)
> o Alleviate need of OWASP Board
>
> to sign contracts (currently a significant bottleneck)
> o All conference related
>
> contracts will be required to go through the GCC
> o In general will be
>
> responsibility of Chair, however all committee members
>
> shall be authorized to sign on conference business (no
>
> single point of failure)
> o GCC members will not be
>
> permitted to sign contracts for conferences they
>
> organize (except when signature is required
>
> immediately)
> o Requires Board Vote (*This sweems a little out of place,
>
> I would assume the whole goverance would go to the
>
> board)*
> * All
> OWASP Branded events MUST
>
> use conference mgmt system to use brand (must be
>
> enforced)Local chapter events use
>
> the brand, I don't think we can or should state this
>
> so broadly)
> o See initiatives *( I think we want to hold out on
>
> the MUST for this until we have shown we have a
>
> good process)*
> o It’s important to manage the
>
> schedule and enforce brand management
> o Any conference not registered
>
> & approved will receive no funds or support (This is only
> part that's do-able
>
> upfront.)
> * All
> Global AppSec and
>
> Regional/Theme conferences must have OWASP Track (Change to
> encourage for regional and
>
> themed comferemces)
> o See Initiatives, joint venture
>
> with Projects Committee
>
>
>
> Initiatives
>
> * OWASP
>
> Conference management system (Goal 1, 3)
> o We need a system to take in
>
> applications for events, vett them, approve them, and
>
> schedule them. The current process of people emailing
>
> Kate, Me or the board is not acceptable with the
>
> number of events we have
> o I see this as critical to
>
> establishing control over the OWASP schedule and is a
>
> top priority
> * OWASP
> AppSec Track (Goal 2)
> o Partnership with projects
>
> committee
> o Have a cadre of speakers,
>
> ready to go with presentations about OWASP
>
> projects/activities
> o Encourage
>
> all OWASP Regional and AppSec events to have an
>
> “OWASP Track” of at least 6 presentations from this
>
> pool, managed, selected, and funded by the GCC and the
>
> GPC
> * OWASP
> Global Con Sponsors (Goal
>
> 3, 7)
> o Provide unified sponsorships
>
> for the Global AppSec Conferences
> o Split revenues among
>
> individual conferences budget
> o Streamlines our sponsorships
> o Does not interfere with
>
> existing conference sponsorships
> * Central
> conference support
>
> services (Goal 3)
> o Investigate for-hire
>
> international conference support companies
> o Investigate costs for hiring
>
> conference organizer
> o Get board approval
> * Conference
> Marketing (Goal 3)
> o OWASP Conference Twitter
>
> accounts
> o OWASP Conference Domain Names
> + Register Names
>
> only
> + http://www.AppSecNA.org
> + http://www.AppSecUS.org
> + http://www.AppSecEU.org
> + http://www.AppSecAsia.org
> + http://www.AppSecSA.org <http://www.appsecsa.org/>
> + If
>
> already owned by a conference, buy them out/transfer
> to GCC
>
> Control
> + GCC
>
> will re-direct to any hosting service once the
>
> conference has been assigned
> + Conference
>
> can still register AppSecUS2011.org and we can just
>
> redirect as appropriate
> + Helps
>
> maintain consistency in URLs between years
> o Conference Twitter Accounts
> + Like domains,
>
> turned over to planners for their use as appropriate
> + @OWASPConfrences
>
> – held by the GCC for announcements
> + @OWASPAppSec
>
> – held by the GCC for announcements
> + @AppSecNA
> + @AppSecUS
> + @AppSecEU
> + @AppSecAsia
> + @AppSecSA
> o Use of Short URLS on the owasp.org <http://owasp.org>
>
> website
> + ex https://owasp.org/AppSecBR
>
> points to the wiki page for this year’s conference
> o Regional Targeted Mailing
>
> Lists
> + To reduce OWASP
>
> All traffic
> * OWASP
> Merchandise Model(Goal 3,
>
> Goal9)
> o A shippable “OWASP Store” with
>
> OWASP branded items for sale at conferences
> o Already exists, just need to
>
> formalize
> * OWASP
> Conference Marketing
>
> (global, regional, electronic, print) (Goal 4,5,6)
> o Procure Booth space at
>
> developer focused conferences
> o Provide budget for OWASP
>
> Schwag for use at OWASP Booths in other conferences
> o Evaluate other advertising
>
> mechanisms for conferences
>
>
>
> Budget
>
> * $5000 for conference support
>
> (schwag/tables) targeting developer conferences
> * $500 OWASP GCC Technology Needs
> o Mainly
> Domain Names
> * $15,000, OWASP Track Travel
>
> expenses (cap, will try and get indv company
>
> sponsorships)
> * $10,000 GCC Member at all
>
> conferences (approx $1500/AppSec, $800 Regional)
>
>
>
> Technology
>
> Needs
>
> * conferences at owasp.org <mailto:conferences at owasp.org> account
> (managed by chair,
>
> redirects to all GCC Members, for registration of
>
> domains, twitter et all)
> * Regional Mailing List solution
> * Short URLS (http://www,owasp.org/AppSecBR
> <http://owasp.org/AppSecBR>)
> * http://conferences.owasp.org
> <https://docs.google.com/a/owasp.org/document/d/1sOs9dY9zKLlLaaJMcOvz2nhM8T2OAWQlVciAGM5c5XA/edit?hl=en> (redirect
> to conference wiki
>
> page)
> * Event Management Solution
> * Conference Twitter/Email
>
> Accounts/domain names
> *
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/global_conference_committee/attachments/20101213/b41204cd/attachment-0001.html
More information about the Global_conference_committee
mailing list