[Global_conference_committee] GCC VOTE: GCC 2011 Plan
Cassio Goldschmidt
cassio at owasp.org
Tue Dec 14 03:20:23 EST 2010
Very nice plan Mark! Here are a couple of suggestions:
each out to non-members (have 70% of attendees at cons non-members) -> I
think the goal should be that *everyone* becomes a member. We
should make the price of conference + membership < price of conference for
all conference.
Require all OWASP Regional and AppSec events to have an “OWASP Track” of at
least 6 presentations from this pool, managed, selected, and funded by the
GCC and the GPC -> Make it a minumum percentage of the total number of
talks. 6 presentations is a huge hit for a 1 day, 1 track conference. I'd
say the percentage should be something around 15% or 18%. A 1 day 3 track
conference would have 1/2 day dedicated to OWASP (4 talks). A 2 day 3 tracks
conference would have an entire track for 1 day. We must be able to ensure
conference organizers can meet these targets without sacrifying quality.
Themes for regional conferences: I agree with Ralph we should drop the theme
idea. Application + Security + Web is a very restrictive theme on itself.
Cassio
On Mon, Dec 13, 2010 at 10:43 AM, Mark Bristow <mark.bristow at owasp.org>wrote:
> On second thought. I'll wait 24 hrs from now for you all to respond before
> setting up re-vote. In case there is any additional discussion.
>
>
> On Mon, Dec 13, 2010 at 1:26 PM, Mark Bristow <mark.bristow at owasp.org>wrote:
>
>> Sorry, I missed all the stuff on encouraging themes, your right. I will
>> submit for re-vote
>>
>> RE:
>>
>>
>> - Requires Board Vote (*This sweems a little out of place, I would
>> assume the whole goverance would go to the board)*
>>
>> Only the Board can provide this authority per the By-Laws
>>
>> RE:
>>
>>
>> - All OWASP Branded events MUST use conference mgmt system to use
>> brand (must be enforced) Local chapter events use the brand, I don't
>> think we can or should state this so broadly)
>> - See initiatives *( I think we want to hold out on the MUST for
>> this until we have shown we have a good process)*
>>
>> Local events should also have to do this. It enforces brand control and
>> gives us visibility into what's going on. The idea is that local events
>> will not require our approval, simply give us oppertunity to not-concurr
>>
>> I agree we need this system in place ASAP. But remember, this is the
>> plan, not all is immediate.
>>
>> -
>>
>>
>> On Mon, Dec 13, 2010 at 7:34 AM, Ralph Durkee <ralph.durkee at owasp.org>wrote:
>>
>>> I added some edits and comments in blue , most of it was along the lines
>>> of what has been discussed.
>>>
>>> -- Ralph
>>>
>>>
>>> On 12/12/2010 4:24 PM, Mark Bristow wrote:
>>>
>>> GCC Members,
>>>
>>> Based on friday's meeting, I've slightly modified the plan (mainly around
>>> the travel initiative). I'd like for us to vote on and approve this plan.
>>> We will go with 50% + 1 Voting model.
>>>
>>> If approved, I will parse out the changes we need to take to the board,
>>> and provide to them (via Kate) these items (such as budget and signature
>>> authority).
>>>
>>> Mark Bristow: Approve
>>> John Wilander:
>>> Lucas Ferreira:
>>> Richard Greenberg:
>>> Ralph Durkee:
>>> Neil Matatall:
>>> Cassio Goldschmidt:
>>>
>>> ==========
>>> Goals
>>>
>>> 1. Have a Global Appsec in NA, SA, EU, Asia in 2011
>>> 2. Promote OWASP Projects/Initiatives at OWASP Conferences
>>> 3. Enhance Services for Conference Planners
>>> 4. Reach out to developers (have 20% of attendees in a dev position)
>>> 5. Reach out to non-members (have 70% of attendees at cons
>>> non-members)
>>> 6. Bring more into the fold (Generate 300 new/renewed members at
>>> conferences)
>>> 7. Streamline Sponsorships (Global Conference Sponsors, Targeted
>>> Conference Sponsors)
>>> 8. Revise GCC Governance
>>> 9. Have a profit of $200k in 2011 across all conferences
>>>
>>>
>>>
>>> Policy Changes
>>>
>>> - Change Conference Types to include:
>>> - OWASP Global AppSec Conferences (Currently AppSec Conferences)
>>> - OWASP AppSec Conferences (*Title* can only be used by global
>>> cons, and by conferences who have already used this name twice by the end of
>>> 2011, moving forward, only new Global AppSecs can use this name)
>>> - OWASP Regional/Theme Conference (currently Regional, *DROP *all
>>> regional cons will now have to have a unique theme, development,
>>> PHP, Government, Browsers …..)
>>> - GCC Member attendance at conferences Global AppSec and
>>> Regional/Theme level cons (as available by GCC members and budget)
>>> - GCC Representative shall not be intimately involved with the
>>> conference planning to provide an objective assessment.
>>> - Members will have the opportunity to request travel to scheduled
>>> events and travel will be assigned based on proximity to the event, cost and
>>> member availability.
>>> - Travel policy to be defined under new governance document
>>> - GCC member shall interface with the local planning committee at
>>> least 1 month before trip (attend planning call)
>>> - Interact with planners/attendees while at conference
>>> - At the next GCC meeting the traveling member will be expected to
>>> provide an post trip report covering
>>> - Assessment of facility
>>> - Event Marketing Strategy
>>> - Examination of Event Budget
>>> - Estimation of Speaker Quality
>>>
>>>
>>> - Talk to Sponsors, Is it a quality and cost-effective event from
>>> their perspective?
>>> - Talk to Attendees?
>>>
>>>
>>> - Any notable comments from planners/attendees
>>> - Any unique outstanding elements
>>> - Any issues
>>> - GCC Member signature authority for OWASP (Leverage By-Lawys
>>> Article VI Section 1 - Designate as Agent)
>>> - Alleviate need of OWASP Board to sign contracts (currently a
>>> significant bottleneck)
>>> - All conference related contracts will be required to go through
>>> the GCC
>>> - In general will be responsibility of Chair, however all
>>> committee members shall be authorized to sign on conference business (no
>>> single point of failure)
>>> - GCC members will not be permitted to sign contracts for
>>> conferences they organize (except when signature is required immediately)
>>> - Requires Board Vote (*This sweems a little out of place, I would
>>> assume the whole goverance would go to the board)*
>>> - All OWASP Branded events MUST use conference mgmt system to use
>>> brand (must be enforced) Local chapter events use the brand, I don't
>>> think we can or should state this so broadly)
>>> - See initiatives *( I think we want to hold out on the MUST for
>>> this until we have shown we have a good process)*
>>> - It’s important to manage the schedule and enforce brand
>>> management
>>> - Any conference not registered & approved will receive no funds
>>> or support (This is only part that's do-able upfront.)
>>> - All Global AppSec and Regional/Theme conferences must have OWASP
>>> Track (Change to encourage for regional and themed comferemces)
>>> - See Initiatives, joint venture with Projects Committee
>>>
>>>
>>>
>>> Initiatives
>>>
>>> - OWASP Conference management system (Goal 1, 3)
>>> - We need a system to take in applications for events, vett them,
>>> approve them, and schedule them. The current process of people emailing
>>> Kate, Me or the board is not acceptable with the number of events we have
>>> - I see this as critical to establishing control over the OWASP
>>> schedule and is a top priority
>>> - OWASP AppSec Track (Goal 2)
>>> - Partnership with projects committee
>>> - Have a cadre of speakers, ready to go with presentations about
>>> OWASP projects/activities
>>> - Encourage all OWASP Regional and AppSec events to have an “OWASP
>>> Track” of at least 6 presentations from this pool, managed, selected, and
>>> funded by the GCC and the GPC
>>> - OWASP Global Con Sponsors (Goal 3, 7)
>>> - Provide unified sponsorships for the Global AppSec Conferences
>>> - Split revenues among individual conferences budget
>>> - Streamlines our sponsorships
>>> - Does not interfere with existing conference sponsorships
>>> - Central conference support services (Goal 3)
>>> - Investigate for-hire international conference support companies
>>> - Investigate costs for hiring conference organizer
>>> - Get board approval
>>> - Conference Marketing (Goal 3)
>>> - OWASP Conference Twitter accounts
>>> - OWASP Conference Domain Names
>>> - Register Names only
>>> - http://www.AppSecNA.org <http://www.appsecna.org/>
>>> - http://www.AppSecUS.org <http://www.appsecus.org/>
>>> - http://www.AppSecEU.org <http://www.appseceu.org/>
>>> - http://www.AppSecAsia.org <http://www.appsecasia.org/>
>>> - http://www.AppSecSA.org <http://www.appsecsa.org/>
>>> - If already owned by a conference, buy them out/transfer to
>>> GCC Control
>>> - GCC will re-direct to any hosting service once the conference
>>> has been assigned
>>> - Conference can still register AppSecUS2011.org and we can
>>> just redirect as appropriate
>>> - Helps maintain consistency in URLs between years
>>> - Conference Twitter Accounts
>>> - Like domains, turned over to planners for their use as
>>> appropriate
>>> - @OWASPConfrences – held by the GCC for announcements
>>> - @OWASPAppSec – held by the GCC for announcements
>>> - @AppSecNA
>>> - @AppSecUS
>>> - @AppSecEU
>>> - @AppSecAsia
>>> - @AppSecSA
>>> - Use of Short URLS on the owasp.org website
>>> - ex https://owasp.org/AppSecBR points to the wiki page for
>>> this year’s conference
>>> - Regional Targeted Mailing Lists
>>> - To reduce OWASP All traffic
>>> - OWASP Merchandise Model(Goal 3, Goal9)
>>> - A shippable “OWASP Store” with OWASP branded items for sale at
>>> conferences
>>> - Already exists, just need to formalize
>>> - OWASP Conference Marketing (global, regional, electronic, print)
>>> (Goal 4,5,6)
>>> - Procure Booth space at developer focused conferences
>>> - Provide budget for OWASP Schwag for use at OWASP Booths in other
>>> conferences
>>> - Evaluate other advertising mechanisms for conferences
>>>
>>>
>>>
>>> Budget
>>>
>>> - $5000 for conference support (schwag/tables) targeting developer
>>> conferences
>>> - $500 OWASP GCC Technology Needs
>>> - Mainly Domain Names
>>> - $15,000, OWASP Track Travel expenses (cap, will try and get indv
>>> company sponsorships)
>>> - $10,000 GCC Member at all conferences (approx $1500/AppSec, $800
>>> Regional)
>>>
>>>
>>>
>>> Technology Needs
>>>
>>> - conferences at owasp.org account (managed by chair, redirects to all
>>> GCC Members, for registration of domains, twitter et all)
>>> - Regional Mailing List solution
>>> - Short URLS (http://www,owasp.org/AppSecBR)
>>> - http://conferences.owasp.org<https://docs.google.com/a/owasp.org/document/d/1sOs9dY9zKLlLaaJMcOvz2nhM8T2OAWQlVciAGM5c5XA/edit?hl=en> (redirect
>>> to conference wiki page)
>>> - Event Management Solution
>>> - Conference Twitter/Email Accounts/domain names
>>> -
>>>
>>>
>>
>>
>> --
>> Mark Bristow
>> (703) 596-5175
>> mark.bristow at owasp.org
>>
>> OWASP Global Conferences Committee Chair - http://is.gd/5MTvF
>> OWASP DC Chapter Co-Chair - http://is.gd/5MTwu
>> AppSec DC Organizer - https://www.appsecdc.org
>>
>>
>
>
> --
> Mark Bristow
> (703) 596-5175
> mark.bristow at owasp.org
>
> OWASP Global Conferences Committee Chair - http://is.gd/5MTvF
> OWASP DC Chapter Co-Chair - http://is.gd/5MTwu
> AppSec DC Organizer - https://www.appsecdc.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/global_conference_committee/attachments/20101214/d3fb6658/attachment-0001.html
More information about the Global_conference_committee
mailing list