[Global_industry_committee] GIC Conference Call - January 2010

David Campbell dcampbell at owasp.org
Wed Dec 23 11:04:51 EST 2009

either day works for me.


Colin Watson wrote:
> Dear all
> I wondered if we could start off 2010 with a committee conference
> call?  Some possible things to discuss:
> * another hello to our new committee members
> * structure/plan (see Tom's email copied in below)
> * Eoin's idea of a regional industry day
> * what else we are/have been doing
> * ?
> Lorna A has asked me to write something about the GIC's work for the
> January OWASP newsletter. So an earlier rather than later date would
> be preferred... my suggestions:
> * Tuesday 5 Jan at 17:00 hrs GMT or
> * Thursday 7 Jan at 17:00 hrs GMT
> Are either of these dates/times possible for the committee members?
> What else would you like to talk about?
> Best wishes for Christmas and the new year.
> Colin
> ---------- Forwarded message ----------
> From: Tom Brennan - OWASP <tomb at owasp.org>
> Date: 2009/11/21
> Subject: Re: New GIC members
> To: Colin Watson <colin.watson at owasp.org>
> Cc: Global_industry_committee at lists.owasp.org
> ....
> As we figure this out together as a committee....  there are (2) items
> that we are evolving;
> (these are my thoughts and I welcome debate on this or agreement, then we do it)
> What we have now =  http://www.owasp.org/index.php/Global_Industry_Committee
> Our charter has been ( taken from the following page:
> http://www.owasp.org/index.php/Global_Committee_Pages)
> Industry
> Start outreach to critical infrastructures worldwide such as:
> electricity generation, transmission and distribution;
> gas production, transport and distribution;
> oil and oil products production, transport and distribution;
> telecommunication;
> water supply (drinking water, waste water/sewage, stemming of surface
> water (e.g. dikes and sluices));
> agriculture, food production and distribution;
> heating (e.g. natural gas, fuel oil, district heating);
> public health (hospitals, ambulances);
> transportation systems (fuel supply, railway network, airports,
> harbors, inland shipping);
> financial services (banking, clearing);
> security services (police, military).
> ...they all use web applications...some even protect human life as
> well as PII and credit cards :)
> Identify issues or "efforts" like the Browser Working Group and
> others, the group should invite Industry CIO/CISO's (perhaps as a
> "value" of corporate membership support) to want to publicly
> collaborate on a document of industry needs that can add value to
> having the support of OWASP Foundation for the greater good of secure
> software, a internet based global economic platform and humanitarian
> needs worldwide
> So as we continue to evolve this means;
> * Industry Outreach - Providing a mechanism to collect the
> requirements of industry and be a unified voice for the consumer
> (business or end-user) of web application. This requires SIG (special
> interest groups) with appointments to roles. Example:  If my pal
> Richard Branson CEO of Virgin Airlines wanted to be a industry adviser
> for OWASP to support and add his creditability to the mission, that is
> a "token" role + with mutual acceptance this type of thing would give
> us access to a industry vertical (airlines example) and we could
> collect data from that segment from our conduits and additional
> supporting corporations so they can have a voice to the example
> framework, browser, governments etc... (could you see Dinis on Capital
> Hill or in Parliament talking about OWASP hahahaha)  We have already
> had several folks accept agree to help us with this industry movement
> that can also help serve the bigger picture of owasp mission. One
> thing that you will fid with such appointments is that you don't just
> get (1) person with a big title... typically you get that person and a
> team within that persons world to drive a measurable task that they
> are responsible for.  This also serves as a conduit for owasp
> connections people-to-people.
> * Industry Injection - Providing input and feedback to influence the
> documentation, policies pretty obvious to point out accomplishments
> thus far such as
> http://www.owasp.org/index.php/Global_Industry_Committee#Completed_Items
> in addition to best practices and information provided to the world
> that we are already doing projects/papers etc...  The more the better
> actually and  we can drive this with a task force / tiger team / group
> of people that wish to focus on a single measurable effort together
> and OWASP can justify this by doing a working group of XX people to
> spend time together to knock out a task.  This was of course the
> primary focus in 2009 to get us reference materials as we continue.
> So...  the 1st edit of
> http://www.owasp.org/index.php/Global_Committee_Pages that I did was
> to add Special Interest Group and adding of Jim, Jim and Joe that were
> conceived to facilitate outreach to industry. This morning morning
> looked at it again and noted your change of the India Board,
> http://www.owasp.org/index.php/OWASP_India_Advisory_Board.   I see
> this as a regional group of people focused on a region of the world.
> So we have to make a choice.
> On the Committee Page we do we add buckets by special interest
> group/industry vertical type globally OR do we break it out by regions
> of the world and then SIG's special interest group/industry vertica
> within the region of the world.
> It would seem that it should be Global Industry Committee /  Regional
> Industry Committee / Special Interest Group / Vertical would you guys
> agree?
> Once we have a revised and agreed plan we can then start pulling all
> the people together, not trying to make it complex rather a structure
> that can allow us to plug in energy and a mechanism that can scale out
> of the gate.
> Finally - the OWASP-CRM project should be live by 12/15 and we will be
> able to start using it for this purpose as well
> http://www.owasp.org/index.php/Category:OWASP_CRM_Project
> Thoughts discussion?
> hit me up on skype (jinxpuppy) to discuss more.
> --
> Tom Brennan
> http://www.linkedin.com/in/tombrennan
> (973) 506-9303
> _______________________________________________
> Global_industry_committee mailing list
> Global_industry_committee at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/global_industry_committee

More information about the Global_industry_committee mailing list