[Global_industry_committee] OWASP Financial Services SIG

fabio.e.cerullo at aib.ie fabio.e.cerullo at aib.ie
Wed Jan 27 04:43:10 EST 2010

This is great! I really like to see this working... so let's have a 
meeting (probably next week)?

I'm in GMT zone so please let me know your location and I will coordinate 
the conf call bridge.


Fabio Cerullo
Divisional Information Security 
Bankcentre D1, 
Dublin 4,

Tel: +353 1 772 6309
Email: fabio.e.cerullo at aib.ie

"Joe Bernik" <bernik at gmail.com>
27/01/2010 01:21
        To:     "'Jerry Kickenson'" <jerry.kickenson at verizon.net>, "'Jim 
Routh'" <routh3742 at gmail.com>, <fabio.e.cerullo at aib.ie>
        cc:     "Global_industry_committee" 
<Global_industry_committee at lists.owasp.org>
        Subject:        RE: OWASP Financial Services SIG

Jim and Fabio,
I could  use your guidance and collaboration on this effort.
Perhaps we can have a quick call to formalize our approach and potential 
topics. Ultimately it would be great to coordinate with the Summit in 
Sweden in June
I would love to have all the CISO’s discuss emerging trends in the AppSec 
space and then take questions from the attendees in Sweeden.
Just some thoughts.
From: Jerry Kickenson [mailto:jerry.kickenson at verizon.net] 
Sent: Tuesday, January 26, 2010 10:47 AM
To: Jim Routh
Cc: Joe Bernik
Subject: Re: OWASP Financial Services SIG

Your text look great. 

However, there seems to be a potentially parallel effort going on in the 
Global Industry committee.  I don't know if you get the GIC notes?  There 
seems to be an initiative to create a CISO level group from the financial 
industry, which Joe has indicated he would assist with.  The notes I have 
on this follow.

If Joe and others are putting together a CISO panel, should we perhaps 
support that effort, and not put together another group?  Or would another 
group (perhaps more technical, or a different level) add any value?

Let us know what you think.  Hopefully Joe can fill us in, as well.  We 
can then close the circle with Tom and Colin Watson.

You can reach me at this email (jerry.kickenson at verizon.net, or at 
jerry.kickenson at swift.com).

Best regards,

Message: 1
Date: Sun, 24 Jan 2010 10:44:40 +0000
From: Colin Watson <colin.watson at owasp.org>
Subject: Re: [Global_industry_committee] Global Industry committee
To: Joe Bernik <bernik at gmail.com>,    Global_industry_committee
        <Global_industry_committee at lists.owasp.org>
        <b46e4cdd1001240244o327f63cdoedab2fd3959eb899 at mail.gmail.com>
Content-Type: text/plain; charset=ISO-8859-1
Hi Joe
That sounds of interest.  Is it worth writing up some notes proposing
its scope, objectives and the resources required?  It's often down to
us as individuals to do the legwork.
2010/1/19 Joe Bernik <bernik at gmail.com>:
> Gents,
> I listened to the recording of the committee call over the weekend.
> I would be happy to assist in coordinating a CISO panel if the committee
> would like.
> I believe I can get a handful of CISO's fro the FS sector to attend.
> Joe
Global_industry_committee mailing list
Global_industry_committee at lists.owasp.org

End of Global_industry_committee Digest, Vol 13, Issue 11

Jim Routh wrote: 

Jim Routh has sent you a message.
Date: 1/25/2010 
Subject: RE: OWASP Financial Services SIG 
I sent this on December 3rd but it must have been bounced...Jerry,

Here this is what I prepared. Feel free to cc Joe and me on your message 
to Tom.


The purpose of the OWASP Financial Services Sub Group is to define and 
rank requirements from the industry for OWASP to address and consider as 
projects to support the maturation of software security practices for the 


The Financial Services SIG will reach out to selected leaders in software 
security programs and facilitate a consensus based process for defining 
requirements and priorities for potential OWASP project work that will 
directly benefit financial service firms. The initial deliverable from 
this SIG will be a list of potential project requirements in rank order 
with descriptive information available for each one. 


OWASP has been a vital and essential part of the promotion of best 
practices in software security and growing the awareness of the need for 
mature software security practices among the development community. This 
effort will produce a list of potential project requirements that reflect 
the financial service industry's needs to improve awareness and 
capabilities leveraged by software developers through OWASP projects and 


Please give me your email address.

On 01/19/10 2:59 PM, Jerry. Kickenson wrote:

Hope you had a great holiday. 

Do you think you'll have time to draft a mission/purpose statement for the 
OWASP financial services SIG we can pass by Tom? I can probably make some 
time over the next week or so if you are too busy.

Let me know what you think.

Best regards,
View/reply to this message
Don't want to receive e-mail notifications? Adjust your message settings.
© 2010, LinkedIn Corporation 

This document is strictly confidential and is intended for use by the addressee unless otherwise indicated.

This email has been scanned by an external email security system.

Allied Irish Banks

AIB and AIB Group are registered business names of Allied Irish Banks p.l.c. Allied Irish Banks, p.l.c. is regulated by the Financial Regulator.  Registered Office: Bankcentre, Ballsbridge, Dublin 4. Tel: + 353 1 6600311; Registered in Ireland: Registered No. 24173

Please consider the environment before printing this e-mail. 
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.owasp.org/pipermail/global_industry_committee/attachments/20100127/5ae463d0/attachment-0001.html 

More information about the Global_industry_committee mailing list