[Global_conference_committee] GCC VOTE: GCC 2011 Plan

Cassio Goldschmidt cassio at owasp.org
Tue Dec 14 03:20:23 EST 2010


Very nice plan Mark! Here are a couple of suggestions:

each out to non-members (have 70% of attendees at cons non-members) -> I
think the goal should be that *everyone* becomes a member. We
should make the price of conference + membership < price of conference for
all conference.
Require all OWASP Regional and AppSec events to have an “OWASP Track” of at
least 6 presentations from this pool, managed, selected, and funded by the
GCC and the GPC -> Make it a minumum percentage of the total number of
talks. 6 presentations is a huge hit for a 1 day, 1 track conference. I'd
say the percentage should be something around 15% or 18%. A 1 day 3 track
conference would have 1/2 day dedicated to OWASP (4 talks). A 2 day 3 tracks
conference would have an entire track for 1 day. We must be able to ensure
conference organizers can meet these targets without sacrifying quality.
Themes for regional conferences: I agree with Ralph we should drop the theme
idea. Application + Security + Web is a very restrictive theme on itself.

Cassio

On Mon, Dec 13, 2010 at 10:43 AM, Mark Bristow <mark.bristow at owasp.org>wrote:

> On second thought.  I'll wait 24 hrs from now for you all to respond before
> setting up re-vote.  In case there is any additional discussion.
>
>
> On Mon, Dec 13, 2010 at 1:26 PM, Mark Bristow <mark.bristow at owasp.org>wrote:
>
>> Sorry, I missed all the stuff on encouraging themes, your right.  I will
>> submit for re-vote
>>
>> RE:
>>
>>
>>     - Requires Board Vote (*This sweems a little out of place, I would
>>       assume the whole goverance would go to the board)*
>>
>> Only the Board can provide this authority per the By-Laws
>>
>> RE:
>>
>>
>>    - All OWASP Branded events MUST use conference mgmt system to use
>>    brand (must be enforced) Local chapter events use the brand, I don't
>>    think we can or should state this so broadly)
>>       - See initiatives *( I think we want to hold out on the MUST for
>>       this until we have shown we have a good process)*
>>
>> Local events should also have to do this.  It enforces brand control and
>> gives us visibility into what's going on.  The idea is that local events
>> will not require our approval, simply give us oppertunity to not-concurr
>>
>> I agree we need this system in place ASAP.  But remember, this is the
>> plan, not all is immediate.
>>
>>    -
>>
>>
>> On Mon, Dec 13, 2010 at 7:34 AM, Ralph Durkee <ralph.durkee at owasp.org>wrote:
>>
>>> I added some edits and comments in blue , most of it was along the lines
>>> of what has been discussed.
>>>
>>> -- Ralph
>>>
>>>
>>> On 12/12/2010 4:24 PM, Mark Bristow wrote:
>>>
>>> GCC Members,
>>>
>>> Based on friday's meeting, I've slightly modified the plan (mainly around
>>> the travel initiative).  I'd like for us to vote on and approve this plan.
>>>  We will go with 50% + 1 Voting model.
>>>
>>> If approved, I will parse out the changes we need to take to the board,
>>> and provide to them (via Kate) these items (such as budget and signature
>>> authority).
>>>
>>>  Mark Bristow: Approve
>>> John Wilander:
>>> Lucas Ferreira:
>>> Richard Greenberg:
>>> Ralph Durkee:
>>> Neil Matatall:
>>> Cassio Goldschmidt:
>>>
>>> ==========
>>>  Goals
>>>
>>>    1. Have a Global Appsec in NA, SA, EU, Asia in 2011
>>>    2. Promote OWASP Projects/Initiatives at OWASP Conferences
>>>    3. Enhance Services for Conference Planners
>>>    4. Reach out to developers (have 20% of attendees in a dev position)
>>>    5. Reach out to non-members (have 70% of attendees at cons
>>>    non-members)
>>>    6. Bring more into the fold (Generate 300 new/renewed members at
>>>    conferences)
>>>    7. Streamline Sponsorships (Global Conference Sponsors, Targeted
>>>    Conference Sponsors)
>>>    8. Revise GCC Governance
>>>    9. Have a profit of $200k in 2011 across all conferences
>>>
>>>
>>>
>>> Policy Changes
>>>
>>>     - Change Conference Types to include:
>>>     - OWASP Global AppSec Conferences (Currently AppSec Conferences)
>>>       - OWASP AppSec Conferences (*Title* can only be used by global
>>>       cons, and by conferences who have already used this name twice by the end of
>>>       2011, moving forward, only new Global AppSecs can use this name)
>>>       - OWASP Regional/Theme Conference (currently Regional, *DROP *all
>>>       regional cons will now have to have a unique theme, development,
>>>       PHP, Government, Browsers …..)
>>>     - GCC Member attendance at conferences Global AppSec and
>>>    Regional/Theme level cons (as available by GCC members and budget)
>>>       - GCC Representative shall not be intimately involved with the
>>>       conference planning to provide an objective assessment.
>>>       - Members will have the opportunity to request travel to scheduled
>>>       events and travel will be assigned based on proximity to the event, cost and
>>>       member availability.
>>>       - Travel policy to be defined under new governance document
>>>       - GCC member shall interface with the local planning committee at
>>>       least 1 month before trip (attend planning call)
>>>       - Interact with planners/attendees while at conference
>>>       - At the next GCC meeting the traveling member will be expected to
>>>       provide an post trip report covering
>>>          - Assessment of facility
>>>          - Event Marketing Strategy
>>>          - Examination of Event Budget
>>>          - Estimation of Speaker Quality
>>>
>>>
>>>    - Talk to Sponsors, Is it a quality and cost-effective event from
>>>    their perspective?
>>>    - Talk to Attendees?
>>>
>>>
>>>      - Any notable comments from planners/attendees
>>>          - Any unique outstanding elements
>>>          - Any issues
>>>       - GCC Member signature authority for OWASP (Leverage By-Lawys
>>>    Article VI Section 1 - Designate as Agent)
>>>     - Alleviate need of OWASP Board to sign contracts (currently a
>>>       significant bottleneck)
>>>       - All conference related contracts will be required to go through
>>>       the GCC
>>>       - In general will be responsibility of Chair, however all
>>>       committee members shall be authorized to sign on conference business (no
>>>       single point of failure)
>>>       - GCC members will not be permitted to sign contracts for
>>>       conferences they organize (except when signature is required immediately)
>>>       - Requires Board Vote (*This sweems a little out of place, I would
>>>       assume the whole goverance would go to the board)*
>>>    - All OWASP Branded events MUST use conference mgmt system to use
>>>    brand (must be enforced) Local chapter events use the brand, I don't
>>>    think we can or should state this so broadly)
>>>       - See initiatives *( I think we want to hold out on the MUST for
>>>       this until we have shown we have a good process)*
>>>       - It’s important to manage the schedule and enforce brand
>>>       management
>>>       - Any conference not registered & approved will receive no funds
>>>       or support (This is only part that's do-able upfront.)
>>>    - All Global AppSec and Regional/Theme conferences must have OWASP
>>>    Track (Change to encourage for regional and themed comferemces)
>>>     - See Initiatives, joint venture with Projects Committee
>>>
>>>
>>>
>>> Initiatives
>>>
>>>     - OWASP Conference management system (Goal 1, 3)
>>>       - We need a system to take in applications for events, vett them,
>>>       approve them, and schedule them.  The current process of people emailing
>>>       Kate, Me or the board is not acceptable with the number of events we have
>>>       - I see this as critical to establishing control over the OWASP
>>>       schedule and is a top priority
>>>    - OWASP AppSec Track (Goal 2)
>>>     - Partnership with projects committee
>>>       - Have a cadre of speakers, ready to go with presentations about
>>>       OWASP projects/activities
>>>       - Encourage all OWASP Regional and AppSec events to have an “OWASP
>>>       Track” of at least 6 presentations from this pool, managed, selected, and
>>>       funded by the GCC and the GPC
>>>      - OWASP Global Con Sponsors (Goal 3, 7)
>>>       - Provide unified sponsorships for the Global AppSec Conferences
>>>       - Split revenues among individual conferences budget
>>>       - Streamlines our sponsorships
>>>       - Does not interfere with existing conference sponsorships
>>>    - Central conference support services  (Goal 3)
>>>       - Investigate for-hire international conference support companies
>>>       - Investigate costs for hiring conference organizer
>>>       - Get board approval
>>>    - Conference Marketing (Goal 3)
>>>       - OWASP Conference Twitter accounts
>>>       - OWASP Conference Domain Names
>>>          - Register Names only
>>>          - http://www.AppSecNA.org <http://www.appsecna.org/>
>>>          - http://www.AppSecUS.org <http://www.appsecus.org/>
>>>          - http://www.AppSecEU.org <http://www.appseceu.org/>
>>>          - http://www.AppSecAsia.org <http://www.appsecasia.org/>
>>>          - http://www.AppSecSA.org <http://www.appsecsa.org/>
>>>          - If already owned by a conference, buy them out/transfer to
>>>          GCC Control
>>>          - GCC will re-direct to any hosting service once the conference
>>>          has been assigned
>>>          - Conference can still register AppSecUS2011.org and we can
>>>          just redirect as appropriate
>>>          - Helps maintain consistency in URLs between years
>>>       - Conference Twitter Accounts
>>>          - Like domains, turned over to planners for their use as
>>>          appropriate
>>>          - @OWASPConfrences – held by the GCC for announcements
>>>          - @OWASPAppSec – held by the GCC for announcements
>>>          - @AppSecNA
>>>          - @AppSecUS
>>>          - @AppSecEU
>>>          - @AppSecAsia
>>>          - @AppSecSA
>>>       - Use of Short URLS on the owasp.org website
>>>          - ex https://owasp.org/AppSecBR points to the wiki page for
>>>          this year’s conference
>>>       - Regional Targeted Mailing Lists
>>>          - To reduce OWASP All traffic
>>>       - OWASP Merchandise Model(Goal 3, Goal9)
>>>       - A shippable “OWASP Store” with OWASP branded items for sale at
>>>       conferences
>>>       - Already exists, just need to formalize
>>>    - OWASP Conference Marketing (global, regional, electronic, print)
>>>    (Goal 4,5,6)
>>>       - Procure Booth space at developer focused conferences
>>>       - Provide budget for OWASP Schwag for use at OWASP Booths in other
>>>       conferences
>>>       - Evaluate other advertising mechanisms for conferences
>>>
>>>
>>>
>>> Budget
>>>
>>>    - $5000 for conference support (schwag/tables) targeting developer
>>>    conferences
>>>    - $500 OWASP GCC Technology Needs
>>>       - Mainly Domain Names
>>>    - $15,000, OWASP Track Travel expenses (cap, will try and get indv
>>>    company sponsorships)
>>>    - $10,000 GCC Member at all conferences (approx $1500/AppSec, $800
>>>    Regional)
>>>
>>>
>>>
>>> Technology Needs
>>>
>>>    - conferences at owasp.org account (managed by chair, redirects to all
>>>    GCC Members, for registration of domains, twitter et all)
>>>    - Regional Mailing List solution
>>>    - Short URLS (http://www,owasp.org/AppSecBR)
>>>    - http://conferences.owasp.org<https://docs.google.com/a/owasp.org/document/d/1sOs9dY9zKLlLaaJMcOvz2nhM8T2OAWQlVciAGM5c5XA/edit?hl=en> (redirect
>>>    to conference wiki page)
>>>    - Event Management Solution
>>>    - Conference Twitter/Email Accounts/domain names
>>>    -
>>>
>>>
>>
>>
>> --
>> Mark Bristow
>> (703) 596-5175
>> mark.bristow at owasp.org
>>
>> OWASP Global Conferences Committee Chair - http://is.gd/5MTvF
>> OWASP DC Chapter Co-Chair - http://is.gd/5MTwu
>> AppSec DC Organizer - https://www.appsecdc.org
>>
>>
>
>
> --
> Mark Bristow
> (703) 596-5175
> mark.bristow at owasp.org
>
> OWASP Global Conferences Committee Chair - http://is.gd/5MTvF
> OWASP DC Chapter Co-Chair - http://is.gd/5MTwu
> AppSec DC Organizer - https://www.appsecdc.org
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/global_conference_committee/attachments/20101214/d3fb6658/attachment-0001.html 


More information about the Global_conference_committee mailing list