[Global_industry_committee] New GIC members

Rex Booth rex.booth at owasp.org
Sun Nov 22 08:37:13 EST 2009


I support this.

On Nov 21, 2009, at 11:09 AM, Eoin <eoin.keary at owasp.org> wrote:

> I mentioned this to Colin during the Summit. I am happy for him to  
> lead also.
>
>
> 2009/11/21 Tom Brennan - OWASP <tomb at owasp.org>
> Thanks for adding this Colin.
>
> One of the items from the Summit is identification of a committee  
> chair.  With your efforts thus far in 2009 I would like to NOMINATE  
> you from withing our group to that role (others.. do you support  
> this?)  Moving forward, that role is welcomed to hand the torch off  
> to anyone else on the committee at any time should they wish to  
> recognize leadership, effort or as a result of lack of time and we  
> can use the annual summit as a get together as we did this year.
>
> As we figure this out together as a committee....  there are (2)  
> items that we are evolving;
>
> (these are my thoughts and I welcome debate on this or agreement,  
> then we do it)
>
> What we have now =  http://www.owasp.org/index.php/Global_Industry_Committee
>
> Our charter has been ( taken from the following page: http://www.owasp.org/index.php/Global_Committee_Pages 
> )
> Industry
>
> Start outreach to critical infrastructures worldwide such as:
> electricity generation, transmission and distribution;
> gas production, transport and distribution;
> oil and oil products production, transport and distribution;
> telecommunication;
> water supply (drinking water, waste water/sewage, stemming of  
> surface water (e.g. dikes and sluices));
> agriculture, food production and distribution;
> heating (e.g. natural gas, fuel oil, district heating);
> public health (hospitals, ambulances);
> transportation systems (fuel supply, railway network, airports,  
> harbors, inland shipping);
> financial services (banking, clearing);
> security services (police, military).
> ...they all use web applications...some even protect human life as  
> well as PII and credit cards :)
>
> Identify issues or "efforts" like the Browser Working Group and  
> others, the group should invite Industry CIO/CISO's (perhaps as a  
> "value" of corporate membership support) to want to publicly  
> collaborate on a document of industry needs that can add value to  
> having the support of OWASP Foundation for the greater good of  
> secure software, a internet based global economic platform and  
> humanitarian needs worldwide
> So as we continue to evolve this means;
>
> * Industry Outreach - Providing a mechanism to collect the  
> requirements of industry and be a unified voice for the consumer  
> (business or end-user) of web application. This requires SIG  
> (special interest groups) with appointments to roles. Example:  If  
> my pal Richard Branson CEO of Virgin Airlines wanted to be a  
> industry adviser for OWASP to support and add his creditability to  
> the mission, that is a "token" role + with mutual acceptance this  
> type of thing would give us access to a industry vertical (airlines  
> example) and we could collect data from that segment from our  
> conduits and additional supporting corporations so they can have a  
> voice to the example framework, browser, governments etc... (could  
> you see Dinis on Capital Hill or in Parliament talking about OWASP  
> hahahaha)  We have already had several folks accept agree to help us  
> with this industry movement that can also help serve the bigger  
> picture of owasp mission. One thing that you will fid with such  
> appointments is that you don't just get (1) person with a big  
> title... typically you get that person and a team within that  
> persons world to drive a measurable task that they are responsible  
> for.  This also serves as a conduit for owasp connections people-to- 
> people.
>
> * Industry Injection - Providing input and feedback to influence the  
> documentation, policies pretty obvious to point out accomplishments  
> thus far such as http://www.owasp.org/index.php/Global_Industry_Committee#Completed_Items 
>  in addition to best practices and information provided to the world  
> that we are already doing projects/papers etc...  The more the  
> better actually and  we can drive this with a task force / tiger  
> team / group of people that wish to focus on a single measurable  
> effort together and OWASP can justify this by doing a working group  
> of XX people to spend time together to knock out a task.  This was  
> of course the primary focus in 2009 to get us reference materials as  
> we continue.
>
> So...  the 1st edit of http://www.owasp.org/index.php/Global_Committee_Pages 
>  that I did was to add Special Interest Group and adding of Jim, Jim  
> and Joe that were conceived to facilitate outreach to industry. This  
> morning morning looked at it again and noted your change of the  
> India Board, http://www.owasp.org/index.php/ 
> OWASP_India_Advisory_Board.   I see this as a regional group of  
> people focused on a region of the world.
>
> So we have to make a choice.
>
> On the Committee Page we do we add buckets by special interest group/ 
> industry vertical type globally OR do we break it out by regions of  
> the world and then SIG's special interest group/industry vertica  
> within the region of the world.
>
> It would seem that it should be Global Industry Committee /   
> Regional Industry Committee / Special Interest Group / Vertical  
> would you guys agree?
>
> Once we have a revised and agreed plan we can then start pulling all  
> the people together, not trying to make it complex rather a  
> structure that can allow us to plug in energy and a mechanism that  
> can scale out of the gate.
>
> Finally - the OWASP-CRM project should be live by 12/15 and we will  
> be able to start using it for this purpose as well http://www.owasp.org/index.php/Category:OWASP_CRM_Project
>
> Thoughts discussion?
>
> hit me up on skype (jinxpuppy) to discuss more.
>
>
>
>
>
> On Sat, Nov 21, 2009 at 5:01 AM, Colin Watson  
> <colin.watson at owasp.org> wrote:
> Three new GIC members added to:
>
> http://www.owasp.org/index.php/Global_Committee_Pages
> http://www.owasp.org/index.php/Global_Industry_Committee
>
> Colin
>
> 2009/11/19 Tom Brennan - OWASP <tomb at owasp.org>:
> > Simply add them to the page - people are volunteering to give time  
> and
> > energy - lets not make it complicated to do so.
> >
> > Then when they take on a task, that is how we measure effectiveness.
>
>
>
> -- 
> Tom Brennan
> http://www.linkedin.com/in/tombrennan
> (973) 506-9303
>
> _______________________________________________
> Global_industry_committee mailing list
> Global_industry_committee at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/global_industry_committee
>
>
>
>
> -- 
> Eoin Keary
> OWASP Board Member
> OWASP Code Review Guide Lead Author
> OWASP Ireland Chapter Lead
> OWASP Global Committee Member (Industry)
>
> http://asg.ie/
> https://twitter.com/EoinKeary
> _______________________________________________
> Global_industry_committee mailing list
> Global_industry_committee at lists.owasp.org
> https://lists.owasp.org/mailman/listinfo/global_industry_committee
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/global_industry_committee/attachments/20091122/54d9c389/attachment.html 


More information about the Global_industry_committee mailing list