[Global_conference_committee] [Global_chapter_committee] [Global_membership_committee] Conference/Chapter Revenue Splitting

dinis cruz dinis.cruz at owasp.org
Sun Dec 19 02:58:35 EST 2010

The Samy tour is a great example of what happens when you remove from the
Chapters the responsibility to make the initial decision (and some of the
financial cost).

John's email below is spot on, when I talk about 'financial paralysis' and
the inability from our chapter leaders to spend (or ask) for money, that is
exactly what I'm talking about. If (in the curent model) John W. doesn't
feel confortable in asking for money, then who is?

Our current OWASP culture, doesn't promote a 'spending proactivity' of our
projects and chapter leaders. In fact, it is not even enough to say *'here
is money, we trust you, go and spend it'* (as we see with the 30k allocated
to Projects, Committees and Chapters which has barely been used).

I think that this is a reflection of the normal non-OWASP world where there
are always very strong controls on the use of financial resources.

Add to that a *"I don't need the headache of having to justify why I need
the money"* to a *"If I'm doing this for OWASP and I have the track record,
why should I even have to justify it"* to a *"I really like OWASP and don't
want to spend the resources badly"*  to a *"What are the rules for
engagement if it doesn't work out as well as I would like it to?"* you have
a perfect storm for inaction

Dinis Cruz

On 17 December 2010 12:21, John Wilander <john.wilander at owasp.org> wrote:

> Gosh, some heavy emailing going on here.
> Just a short one to answer Mark's request for examples of chapters being
> denies funding.
> I think this is not a case of chapters asking for money and being denied.
> No such examples to my knowledge. I think the case is "we have no money so
> we don't do X and Y". Chapters don't feel empowered or comfortable to write
> an email to Mark or Kate and ask for $. Instead they strive in mediocracy
> and skip doing better events.
> In concrete terms ... Samy Kamkar's talks at several European chapters were
> a huge success. But they were *not* initiated by empowered chapters. It
> was a *central* OWASP initiative with a *central* funding solution in
> place. Now OWASP Sweden wants to pursue this path and invite Mario
> Heiderich, Gareth Heyes, Dinis Cruz etc. Great! But have we written an email
> to Mark yet? No. Not even I, being a member of the GCC, feel comfortable
> asking for the foundation's money to run a local event.
> In this case OWASP Sweden actually has money. Why? Because we got a share
> of the revenue from OWASP AppSec in Stockholm. So we're going to fly Mario
> Heiderich in and build upon the success with Samy. We already have more than
> 500 members and we asked them what we should use the chapter's money for.
> Answer: More international experts giving talks and tutorials. This is what
> the chapter members want.
> (Of course we will try to find sponsors to lower the chapter's costs and we
> will try to cooperate with OWASP Finland and Norway so we can share travel
> costs.)
>    Regards, John
> 2010/12/16 L. Gustavo C. Barbato <lgbarbato at owasp.org>
>> I also defend the idea of collaboration between chapters in order to
>> achieve great conferences results - when I say collaboration I do mean
>> collaborate <http://dictionary.reference.com/browse/collaborate> (*to
>> work, one with another; cooperate, as on a literary work*), in other
>> words, without having profits in mind.
>> However, aiming to compensate the collaboration on conferences and have a
>> fair support of OWASP, I do defend the idea of having conferences in
>> different cities yearly according to local chapters locations. Nevertheless,
>> we can't forget the hard work necessary of local chapters to host a
>> conference -- I know that because after the AppSec Brazil 2010 (last month),
>> I don't stop thinking and working on AppSec 2011 -- it's already being
>> time-consuming.
>> L. *Gustavo* C. *Barbato*, Ph.D.
>> Chapter Leader, OWASP Porto Alegre / *Brazil*
>> Global Chapter Committee Member
>>  http://www.owasp.org/index.php/User:Gustavo_Barbato
>> On 12/15/2010 12:29 PM, Mark Bristow wrote:
>> Comments forwarded on Lucas's behalf (he's on vacation and can't send as
>> the right user.....)
>>  =======
>>  I don't like the idea of having one chapter getting so more funds then
>> others. For AppSec Brasil, we will have people from multiple chapters
>> involved and it would not be nice to have one chapter getting all the
>> money. Having to decide a split amongst chapters would need energy
>> that could be better used somewhere else.
>> In principle, I don't like the idea of having chapters "fighting" for
>> money, and we may have this in the future if the chapter split is too
>> high. I'm afraid collaboration may decrease in the long run. On the
>> oher hand, I'd like to see a solution that increases the involvement
>> of chapter leader in our conferences, specially to have people from
>> different chpaters to collaborate in conference teams.
>> I think that having many chapters with some money is better than
>> having a few chapters with a lot of money. I think we should invest
>> more in getting more active chapters than making a few chapters more
>> active.
>> The fund idea seams a good solution to me.
>> Regards,
>> Lucas
>> On Tue, Dec 14, 2010 at 7:19 PM, Neil Matatall <neil at owasp.org> wrote:
>>> Well this thread has become epic and unfortunately I haven't been able
>>> to catch all of the ideas.  I really hope I can catch up, but why
>>> don't we have a conference call or discuss this at the summit (those
>>> not in attendance will have to be accommodated somehow)?
>>> Times like these make me wish my phone has an "threaded" email view :(
>>> On Tue, Dec 14, 2010 at 12:13 PM, Jason Li <jason.li at owasp.org> wrote:
>>> > So taking Michael's suggestion of starting fresh, I've cleared the long
>>> > quote of the thread.
>>> > As an observer to the thread, I'm going to capture what I think has
>>> been
>>> > mentioned so far on the thread.
>>> >
>>> > And then I'll weigh in with my humble opinion, keeping in mind that I
>>> am not
>>> > involved in the Conferences Committee, Membership Committee, Chapter
>>> > Committee, or the Board (in other words, I'm a nobody in this
>>> conversation
>>> > :)).
>>> > ----
>>> > Summary of Problem:
>>> > Where does Conference revenue go?
>>> > Points of Concern:
>>> > 1) Conferences are put on with the assistance of local chapters and
>>> > coordination/support from the OWASP mothership
>>> > 2) We want a way to reward local chapters for their help with
>>> > running/coordinating a conference
>>> > 3) We want conference attendees the option to get OWASP Memberships
>>> bundled
>>> > in with the conference
>>> > 4) Chapters need money to do things
>>> > -------
>>> > Now with that out of the way, my personal thoughts:
>>> > #4 is completely independent of Conference revenue. There are lots of
>>> other
>>> > OWASP sectors that also need money to do things (Projects and Summits
>>> for
>>> > example). If there is a need for Chapters to do something, then this
>>> should
>>> > be allocated out of the main OWASP mothership budget and not out of
>>> > Conference revenue.
>>> > In my view, conference revenue should go to one of three places:
>>> > 1) OWASP Mothership fund (where the Board can then re-allocate as
>>> needed to
>>> > support Chapters or other initiatives as appropriate)
>>> > 2) Local Chapter(s) supporting the conference (in order to recognize
>>> their
>>> > support)
>>> > 3) Conferences fund managed by the Conferences Committee
>>> > I'm not even sure if #3 is really necessary as that could also fall
>>> under
>>> > #1.
>>> > The only real debate is what proportion of the revenue should go into
>>> which
>>> > bucket. That's where I believe this debate originally started. All this
>>> > other talk about chapter needs and a chapter fund has clouded the
>>> > discussion.
>>> > -Jason
>>>  > _______________________________________________
>>> > Global_conference_committee mailing list
>>> > Global_conference_committee at lists.owasp.org
>>> > https://lists.owasp.org/mailman/listinfo/global_conference_committee
>>> >
>>> >
>>> --
>>>  --
>>> Neil
>> --
>> Mark Bristow
>> (703) 596-5175
>> mark.bristow at owasp.org
>> OWASP Global Conferences Committee Chair - http://is.gd/5MTvF
>> OWASP DC Chapter Co-Chair - http://is.gd/5MTwu
>> AppSec DC Organizer - https://www.appsecdc.org
>> _______________________________________________
>> Global_chapter_committee mailing listGlobal_chapter_committee at lists.owasp.orghttps://lists.owasp.org/mailman/listinfo/global_chapter_committee
>> _______________________________________________
>> Global_conference_committee mailing list
>> Global_conference_committee at lists.owasp.org
>> https://lists.owasp.org/mailman/listinfo/global_conference_committee
> --
> John Wilander, https://twitter.com/johnwilander
> Chapter co-leader OWASP Sweden, http://owaspsweden.blogspot.com
>  <http://owaspsweden.blogspot.com>Co-organizer Global Summit,
> http://www.owasp.org/index.php/Summit_2011
> <http://www.owasp.org/index.php/Summit_2011>Conf Comm,
> http://www.owasp.org/index.php/Global_Conferences_Committee
> _______________________________________________
> Global_conference_committee mailing list
> Global_conference_committee at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/global_conference_committee
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/global_conference_committee/attachments/20101219/690e8e1c/attachment.html 

More information about the Global_conference_committee mailing list